Skip to content

Commit

Permalink
Enable encryption and do not request a specific role (#3)
Browse files Browse the repository at this point in the history 
* Do not specify read/write target roles

hashicorp/terraform-provider-aws#2844

[ch9409]

* Enable encryption

* Add variable for encryption flag
  • Loading branch information
@darend @osterman
darend authored and osterman committed Mar 16, 2018
1 parent 95653fc commit 059c0c5
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 6 deletions.
10 changes: 4 additions & 6 deletions main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,10 @@ resource "aws_dynamodb_table" "default" {
hash_key = "${var.hash_key}"
range_key = "${var.range_key}"

server_side_encryption {
enabled = "${var.enable_encryption}"
}

lifecycle {
ignore_changes = ["read_capacity", "write_capacity"]
}
Expand Down Expand Up @@ -105,15 +109,10 @@ resource "aws_iam_role_policy" "autoscaler_cloudwatch" {
policy = "${data.aws_iam_policy_document.autoscaler_cloudwatch.json}"
}

data "aws_iam_role" "autoscale_service" {
name = "AWSServiceRoleForApplicationAutoScaling_DynamoDBTable"
}

resource "aws_appautoscaling_target" "read_target" {
max_capacity = "${var.autoscale_max_read_capacity}"
min_capacity = "${var.autoscale_min_read_capacity}"
resource_id = "table/${module.default.id}"
role_arn = "${data.aws_iam_role.autoscale_service.arn}"
scalable_dimension = "dynamodb:table:ReadCapacityUnits"
service_namespace = "dynamodb"
}
Expand All @@ -138,7 +137,6 @@ resource "aws_appautoscaling_target" "write_target" {
max_capacity = "${var.autoscale_max_write_capacity}"
min_capacity = "${var.autoscale_min_write_capacity}"
resource_id = "table/${module.default.id}"
role_arn = "${data.aws_iam_role.autoscale_service.arn}"
scalable_dimension = "dynamodb:table:WriteCapacityUnits"
service_namespace = "dynamodb"
}
Expand Down
4 changes: 4 additions & 0 deletions variables.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,10 @@ variable "stage" {
type = "string"
}

variable "enable_encryption" {
default = "true"
}

variable "attributes" {
type = "list"
default = []
Expand Down

0 comments on commit 059c0c5

Please sign in to comment.