Skip to main content

tables

Creates, updates, deletes or gets a table resource or lists tables in a region

Overview

Nametables
TypeResource
Description
The AWS::DynamoDB::Table resource creates a DDB table. For more information, see CreateTable in the API Reference.You should be aware of the following behaviors when working with DDB tables:
+ CFNlong typically creates DDB tables in parallel. However, if your template includes multiple DDB tables with indexes, you must declare dependencies so that the tables are created sequentially. DDBlong limits the number of tables with secondary indexes that are in the creating state. If you create multiple tables with indexes at the same time, DDB returns an error and the stack operation fails. For an example, see DynamoDB Table with a DependsOn Attribute.
Our guidance is to use the latest schema documented for your CFNlong templates. This schema supports the provisioning of all table settings below. When using this schema in your CFNlong templates, please ensure that your Identity and Access Management (IAM) policies are updated with appropriate permissions to allow for the authorization of these setting changes.
Idawscc.dynamodb.tables

Fields

NameDatatypeDescription
on_demand_throughputobjectSets the maximum number of read and write units for the specified on-demand table. If you use this property, you must specify MaxReadRequestUnits, MaxWriteRequestUnits, or both.
sse_specificationobjectSpecifies the settings to enable server-side encryption.
kinesis_stream_specificationobjectThe Kinesis Data Streams configuration for the specified table.
stream_specificationobjectThe settings for the DDB table stream, which capture changes to items stored in the table.
contributor_insights_specificationobjectThe settings used to enable or disable CloudWatch Contributor Insights for the specified table.
import_source_specificationobject
Specifies the properties of data being imported from the S3 bucket source to the" table.If you specify the ImportSourceSpecification property, and also specify either the StreamSpecification, the TableClass property, the DeletionProtectionEnabled property, or the WarmThroughput property, the IAM entity creating/updating stack must have UpdateTable permission.
point_in_time_recovery_specificationobjectThe settings used to enable point in time recovery.
provisioned_throughputobject
Throughput for the specified table, which consists of values for ReadCapacityUnits and WriteCapacityUnits. For more information about the contents of a provisioned throughput structure, see Amazon DynamoDB Table ProvisionedThroughput.If you set BillingMode as PROVISIONED, you must specify this property. If you set BillingMode as PAY_PER_REQUEST, you cannot specify this property.
warm_throughputobjectRepresents the warm throughput (in read units per second and write units per second) for creating a table.
table_namestring
A name for the table. If you don't specify a name, CFNlong generates a unique physical ID and uses that ID for the table name. For more information, see Name Type.If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.
attribute_definitionsarray
A list of attributes that describe the key schema for the table and indexes.This property is required to create a DDB table.
Update requires: Some interruptions. Replacement if you edit an existing AttributeDefinition.
billing_modestring
Specify how you are charged for read and write throughput and how you manage capacity.Valid values include:
+ PAY_PER_REQUEST - We recommend using PAY_PER_REQUEST for most DynamoDB workloads. PAY_PER_REQUEST sets the billing mode to On-demand capacity mode.
+ PROVISIONED - We recommend using PROVISIONED for steady workloads with predictable growth where capacity requirements can be reliably forecasted. PROVISIONED sets the billing mode to Provisioned capacity mode.
If not specified, the default is PROVISIONED.
global_secondary_indexesarray
Global secondary indexes to be created on the table. You can create up to 20 global secondary indexes.If you update a table to include a new global secondary index, CFNlong initiates the index creation and then proceeds with the stack update. CFNlong doesn't wait for the index to complete creation because the backfilling phase can take a long time, depending on the size of the table. You can't use the index or update the table until the index's status is ACTIVE. You can track its status by using the DynamoDB DescribeTable command.
If you add or delete an index during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new index, you must manually delete the index.
Updates are not supported. The following are exceptions:
+ If you update either the contributor insights specification or the provisioned throughput values of global secondary indexes, you can update the table without interruption.
+ You can delete or add one global secondary index without interruption. If you do both in the same update (for example, by changing the index's logical ID), the update fails.
resource_policyobject
An AWS resource-based policy document in JSON format that will be attached to the table.When you attach a resource-based policy while creating a table, the policy application is strongly consistent.
The maximum size supported for a resource-based policy document is 20 KB. DynamoDB counts whitespaces when calculating the size of a policy against this limit. For a full list of all considerations that apply for resource-based policies, see Resource-based policy considerations.
You need to specify the CreateTable and PutResourcePolicy IAM actions for authorizing a user to create a table with a resource-based policy.
key_schemaobjectSpecifies the attributes that make up the primary key for the table. The attributes in the KeySchema property must also be defined in the AttributeDefinitions property.
local_secondary_indexesarrayLocal secondary indexes to be created on the table. You can create up to 5 local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes.
arnstring
stream_arnstring
deletion_protection_enabledbooleanDetermines if a table is protected from deletion. When enabled, the table cannot be deleted by any user or process. This setting is disabled by default. For more information, see Using deletion protection in the Developer Guide.
table_classstringThe table class of the new table. Valid values are STANDARD and STANDARD_INFREQUENT_ACCESS.
tagsarray
An array of key-value pairs to apply to this resource.For more information, see Tag.
time_to_live_specificationobject
Specifies the Time to Live (TTL) settings for the table.For detailed information about the limits in DynamoDB, see Limits in Amazon DynamoDB in the Amazon DynamoDB Developer Guide.
regionstringAWS region.

For more information, see AWS::DynamoDB::Table.

Methods

NameResourceAccessible byRequired Params
create_resourcetablesINSERTKeySchema, region
delete_resourcetablesDELETEIdentifier, region
update_resourcetablesUPDATEIdentifier, PatchDocument, region
list_resourcestables_list_onlySELECTregion
get_resourcetablesSELECTIdentifier, region

SELECT examples

Gets all properties from an individual table.

SELECT
  region,
  on_demand_throughput,
  sse_specification,
  kinesis_stream_specification,
  stream_specification,
  contributor_insights_specification,
  import_source_specification,
  point_in_time_recovery_specification,
  provisioned_throughput,
  warm_throughput,
  table_name,
  attribute_definitions,
  billing_mode,
  global_secondary_indexes,
  resource_policy,
  key_schema,
  local_secondary_indexes,
  arn,
  stream_arn,
  deletion_protection_enabled,
  table_class,
  tags,
  time_to_live_specification
FROM awscc.dynamodb.tables
WHERE
  region = '{{ region }}' AND
  Identifier = '{{ table_name }}';

INSERT example

Use the following StackQL query and manifest file to create a new table resource, using stack-deploy.

/*+ create */
INSERT INTO awscc.dynamodb.tables (
  KeySchema,
  region
)
SELECT
  '{{ key_schema }}',
  '{{ region }}'
RETURNING
  ErrorCode,
  EventTime,
  Identifier,
  Operation,
  OperationStatus,
  RequestToken,
  ResourceModel,
  RetryAfter,
  StatusMessage,
  TypeName
;

UPDATE example

Use the following StackQL query and manifest file to update a table resource, using stack-deploy.

/*+ update */
UPDATE awscc.dynamodb.tables
SET PatchDocument = string('{{ {
    "OnDemandThroughput": on_demand_throughput,
    "SSESpecification": sse_specification,
    "KinesisStreamSpecification": kinesis_stream_specification,
    "StreamSpecification": stream_specification,
    "ContributorInsightsSpecification": contributor_insights_specification,
    "PointInTimeRecoverySpecification": point_in_time_recovery_specification,
    "ProvisionedThroughput": provisioned_throughput,
    "WarmThroughput": warm_throughput,
    "AttributeDefinitions": attribute_definitions,
    "BillingMode": billing_mode,
    "GlobalSecondaryIndexes": global_secondary_indexes,
    "ResourcePolicy": resource_policy,
    "KeySchema": key_schema,
    "LocalSecondaryIndexes": local_secondary_indexes,
    "DeletionProtectionEnabled": deletion_protection_enabled,
    "TableClass": table_class,
    "Tags": tags,
    "TimeToLiveSpecification": time_to_live_specification
} | generate_patch_document }}')
WHERE
  region = '{{ region }}' AND
  Identifier = '{{ table_name }}'
RETURNING
  ErrorCode,
  EventTime,
  Identifier,
  Operation,
  OperationStatus,
  RequestToken,
  ResourceModel,
  RetryAfter,
  StatusMessage,
  TypeName
;

DELETE example

/*+ delete */
DELETE FROM awscc.dynamodb.tables
WHERE
  Identifier = '{{ table_name }}' AND
  region = '{{ region }}'
RETURNING
  ErrorCode,
  EventTime,
  Identifier,
  Operation,
  OperationStatus,
  RequestToken,
  ResourceModel,
  RetryAfter,
  StatusMessage,
  TypeName
;

Additional Parameters

Mutable resources in the Cloud Control provider support additional optional parameters which can be supplied with INSERT, UPDATE, or DELETE operations. These include:

ParameterDescription
ClientToken
A unique identifier to ensure the idempotency of the resource request.This allows the provider to accurately distinguish between retries and new requests.
A client token is valid for 36 hours once used.
After that, a resource request with the same client token is treated as a new request.
If you do not specify a client token, one is generated for inclusion in the request.
RoleArn
The ARN of the IAM role used to perform this resource operation.The role specified must have the permissions required for this operation.
If you do not specify a role, a temporary session is created using your AWS user credentials.
TypeVersionId
For private resource types, the type version to use in this resource operation.If you do not specify a resource version, the default version is used.

Permissions

To operate on the tables resource, the following permissions are required:

dynamodb:DescribeTable,
dynamodb:DescribeContinuousBackups,
dynamodb:DescribeContributorInsights,
dynamodb:DescribeKinesisStreamingDestination,
dynamodb:ListTagsOfResource,
dynamodb:GetResourcePolicy