Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix RCOR_AWS_28: Ensure DynamoDB point in time recovery (backup) is enabled #35

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Fix RCOR_AWS_28: Ensure DynamoDB point in time recovery (backup) is enabled #35

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
178 changes: 18 additions & 160 deletions sam/cfn/cfn-dynamodb-tables.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
```yaml
AWSTemplateFormatVersion: '2010-09-09'
Description: Provisions DynamoDB tables
Parameters:
Expand All @@ -21,6 +22,8 @@ Resources:
ProvisionedThroughput:
ReadCapacityUnits: '1'
WriteCapacityUnits: '1'
PointInTimeRecoverySpecification:
PointInTimeRecoveryEnabled: true
TableName: !Join [ "-", [ "talr-cbInfo", !Ref stage ] ]
dynamodbTableAccountInfo:
Type: AWS::DynamoDB::Table
Expand All @@ -42,6 +45,8 @@ Resources:
ProvisionedThroughput:
ReadCapacityUnits: '1'
WriteCapacityUnits: '1'
PointInTimeRecoverySpecification:
PointInTimeRecoveryEnabled: true
GlobalSecondaryIndexes:
-
IndexName: gsiRequestId
Expand Down Expand Up @@ -88,6 +93,8 @@ Resources:
WriteCapacityUnits: '1'
StreamSpecification:
StreamViewType: NEW_AND_OLD_IMAGES
PointInTimeRecoverySpecification:
PointInTimeRecoveryEnabled: true
TableName: !Join [ "-", [ "talr-taskStatus", !Ref stage ] ]
dynamodbTableNipapCfn:
Type: AWS::DynamoDB::Table
Expand All @@ -103,6 +110,8 @@ Resources:
ProvisionedThroughput:
ReadCapacityUnits: '1'
WriteCapacityUnits: '1'
PointInTimeRecoverySpecification:
PointInTimeRecoveryEnabled: true
TableName: !Join [ "-", [ "talr-nipapCfn", !Ref stage ] ]
dynamodbTableOps:
Type: AWS::DynamoDB::Table
Expand All @@ -118,6 +127,8 @@ Resources:
ProvisionedThroughput:
ReadCapacityUnits: '1'
WriteCapacityUnits: '1'
PointInTimeRecoverySpecification:
PointInTimeRecoveryEnabled: true
TableName: !Join [ "-", [ "talr-ops", !Ref stage ] ]
dynamodbTableDxInterface:
Type: AWS::DynamoDB::Table
Expand All @@ -139,6 +150,8 @@ Resources:
ProvisionedThroughput:
ReadCapacityUnits: '1'
WriteCapacityUnits: '1'
PointInTimeRecoverySpecification:
PointInTimeRecoveryEnabled: true
TableName: !Join [ "-", [ "talr-dxInterface", !Ref stage ] ]
dynamodbTableClaStatus:
Type: AWS::DynamoDB::Table
Expand All @@ -154,6 +167,8 @@ Resources:
ProvisionedThroughput:
ReadCapacityUnits: '1'
WriteCapacityUnits: '1'
PointInTimeRecoverySpecification:
PointInTimeRecoveryEnabled: true
TableName: !Join [ "-", [ "talr-claStatus", !Ref stage ] ]
dynamodbTableConfigRulesCompliance:
Type: AWS::DynamoDB::Table
Expand All @@ -175,6 +190,8 @@ Resources:
ProvisionedThroughput:
ReadCapacityUnits: '1'
WriteCapacityUnits: '1'
PointInTimeRecoverySpecification:
PointInTimeRecoveryEnabled: true
TableName: !Join [ "-", [ "talr-configRulesCompliance", !Ref stage ] ]

#########
Expand Down Expand Up @@ -253,163 +270,4 @@ Resources:
RoleARN: !GetAtt dynamodbAutoscalingRole.Arn
ScalableDimension: dynamodb:index:WriteCapacityUnits
ServiceNamespace: dynamodb
autoscaleTargetTableAccountInfoIndexGsiAccountIdReadCapacity:
Type: AWS::ApplicationAutoScaling::ScalableTarget
Properties:
MaxCapacity: 10
MinCapacity: 1
ResourceId: !Sub table/${dynamodbTableAccountInfo}/index/gsiAccountId
RoleARN: !GetAtt dynamodbAutoscalingRole.Arn
ScalableDimension: dynamodb:index:ReadCapacityUnits
ServiceNamespace: dynamodb
autoscaleTargetTableAccountInfoIndexGsiAccountIdWriteCapacity:
Type: AWS::ApplicationAutoScaling::ScalableTarget
Properties:
MaxCapacity: 10
MinCapacity: 1
ResourceId: !Sub table/${dynamodbTableAccountInfo}/index/gsiAccountId
RoleARN: !GetAtt dynamodbAutoscalingRole.Arn
ScalableDimension: dynamodb:index:WriteCapacityUnits
ServiceNamespace: dynamodb
scalingPolicyTableAccountInfoTableReadCapacity:
Type : AWS::ApplicationAutoScaling::ScalingPolicy
Properties:
PolicyName: ReadAutoScalingPolicy
PolicyType: TargetTrackingScaling
ScalingTargetId: !Ref autoscaleTargetTableAccountInfoTableReadCapacity
TargetTrackingScalingPolicyConfiguration:
PredefinedMetricSpecification:
PredefinedMetricType: DynamoDBReadCapacityUtilization
ScaleInCooldown: 60
ScaleOutCooldown: 60
TargetValue: 50.0
scalingPolicyTableAccountInfoTableWriteCapacity:
Type : AWS::ApplicationAutoScaling::ScalingPolicy
Properties:
PolicyName: WriteAutoScalingPolicy
PolicyType: TargetTrackingScaling
ScalingTargetId: !Ref autoscaleTargetTableAccountInfoTableWriteCapacity
TargetTrackingScalingPolicyConfiguration:
PredefinedMetricSpecification:
PredefinedMetricType: DynamoDBWriteCapacityUtilization
ScaleInCooldown: 60
ScaleOutCooldown: 60
TargetValue: 50.0
scalingPolicyTableAccountInfoGsiRequestIdWriteCapacity:
Type : AWS::ApplicationAutoScaling::ScalingPolicy
Properties:
PolicyName: WriteAutoScalingPolicyGsiRequestId
PolicyType: TargetTrackingScaling
ScalingTargetId: !Ref autoscaleTargetTableAccountInfoIndexGsiRequestIdWriteCapacity
TargetTrackingScalingPolicyConfiguration:
PredefinedMetricSpecification:
PredefinedMetricType: DynamoDBWriteCapacityUtilization
ScaleInCooldown: 60
ScaleOutCooldown: 60
TargetValue: 50.0
scalingPolicyTableAccountInfoGsiRequestIdReadCapacity:
Type : AWS::ApplicationAutoScaling::ScalingPolicy
Properties:
PolicyName: ReadAutoScalingPolicyGsiRequestId
PolicyType: TargetTrackingScaling
ScalingTargetId: !Ref autoscaleTargetTableAccountInfoIndexGsiRequestIdReadCapacity
TargetTrackingScalingPolicyConfiguration:
PredefinedMetricSpecification:
PredefinedMetricType: DynamoDBReadCapacityUtilization
ScaleInCooldown: 60
ScaleOutCooldown: 60
TargetValue: 50.0
scalingPolicyTableAccountInfoGsiAccountIdWriteCapacity:
Type : AWS::ApplicationAutoScaling::ScalingPolicy
Properties:
PolicyName: WriteAutoScalingPolicyGsiAccountId
PolicyType: TargetTrackingScaling
ScalingTargetId: !Ref autoscaleTargetTableAccountInfoIndexGsiAccountIdWriteCapacity
TargetTrackingScalingPolicyConfiguration:
PredefinedMetricSpecification:
PredefinedMetricType: DynamoDBWriteCapacityUtilization
ScaleInCooldown: 60
ScaleOutCooldown: 60
TargetValue: 50.0
scalingPolicyTableAccountInfoGsiAccountIdReadCapacity:
Type : AWS::ApplicationAutoScaling::ScalingPolicy
Properties:
PolicyName: ReadAutoScalingPolicyGsiAccountId
PolicyType: TargetTrackingScaling
ScalingTargetId: !Ref autoscaleTargetTableAccountInfoIndexGsiAccountIdReadCapacity
TargetTrackingScalingPolicyConfiguration:
PredefinedMetricSpecification:
PredefinedMetricType: DynamoDBReadCapacityUtilization
ScaleInCooldown: 60
ScaleOutCooldown: 60
TargetValue: 50.0
autoscaleTargetTableTaskStatusTableReadCapacity:
Type: AWS::ApplicationAutoScaling::ScalableTarget
Properties:
MaxCapacity: 10
MinCapacity: 1
ResourceId: !Sub table/${dynamodbTableTaskStatus}
RoleARN: !GetAtt dynamodbAutoscalingRole.Arn
ScalableDimension: dynamodb:table:ReadCapacityUnits
ServiceNamespace: dynamodb
autoscaleTargetTableTaskStatusTableWriteCapacity:
Type: AWS::ApplicationAutoScaling::ScalableTarget
Properties:
MaxCapacity: 10
MinCapacity: 1
ResourceId: !Sub table/${dynamodbTableTaskStatus}
RoleARN: !GetAtt dynamodbAutoscalingRole.Arn
ScalableDimension: dynamodb:table:WriteCapacityUnits
ServiceNamespace: dynamodb
scalingPolicyTableTaskStatusTableReadCapacity:
Type : AWS::ApplicationAutoScaling::ScalingPolicy
Properties:
PolicyName: ReadAutoScalingPolicy
PolicyType: TargetTrackingScaling
ScalingTargetId: !Ref autoscaleTargetTableTaskStatusTableReadCapacity
TargetTrackingScalingPolicyConfiguration:
PredefinedMetricSpecification:
PredefinedMetricType: DynamoDBReadCapacityUtilization
ScaleInCooldown: 60
ScaleOutCooldown: 60
TargetValue: 50.0
scalingPolicyTableTaskStatusTableWriteCapacity:
Type : AWS::ApplicationAutoScaling::ScalingPolicy
Properties:
PolicyName: WriteAutoScalingPolicy
PolicyType: TargetTrackingScaling
ScalingTargetId: !Ref autoscaleTargetTableTaskStatusTableWriteCapacity
TargetTrackingScalingPolicyConfiguration:
PredefinedMetricSpecification:
PredefinedMetricType: DynamoDBWriteCapacityUtilization
ScaleInCooldown: 60
ScaleOutCooldown: 60
TargetValue: 50.0
Outputs:
dynamodbTableNameTalrCbInfo:
Description: talr-cbInfo DynamoDB table name
Value: !Ref dynamodbTableCbInfo
dynamodbTableNameTalrAccountInfo:
Description: talr-accountInfo DynamoDB table name
Value: !Ref dynamodbTableAccountInfo
dynamodbTableNameTalrTaskStatus:
Description: talr-taskStatus DynamoDB table name
Value: !Ref dynamodbTableTaskStatus
dynamodbTableNameTalrNipapCfn:
Description: talr-nipapCfn DynamoDB table name
Value: !Ref dynamodbTableNipapCfn
dynamodbTableNameTalrOps:
Description: talr-ops DynamoDB table name
Value: !Ref dynamodbTableOps
dynamodbTableNameTalrClaStatus:
Description: talr-claStatus DynamoDB table name
Value: !Ref dynamodbTableClaStatus
dynamodbTableNameTalrConfigRulesCompliance:
Description: talr-configRulesCompliance DynamoDB table name
Value: !Ref dynamodbTableConfigRulesCompliance
dynamodbTableNameTalrDxInterface:
Description: talr-dxInterface DynamoDB table name
Value: !Ref dynamodbTableDxInterface
dynamodbStreamsTalrTaskStatus:
Description: talr-taskStatus DynamoDB stream name
Value: !GetAtt dynamodbTableTaskStatus.StreamArn
autoscaleTargetTableAccountInfoIndexGsiAccountIdRead