salt.states.boto_dynamodb

Manage DynamoDB Tables

New in version 2015.5.0.

Create and destroy DynamoDB tables. Be aware that this interacts with Amazon's services, and so may incur charges.

This module uses boto, which can be installed via package, or pip.

This module accepts explicit DynamoDB credentials but can also utilize IAM roles assigned to the instance through Instance Profiles. Dynamic credentials are then automatically obtained from AWS API and no further configuration is necessary. More information available here.

If IAM roles are not used you need to specify them either in a pillar file or in the minion's config file:

keyid: GKTADJGHEIQSXMKKRBJ08H
key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
region: us-east-1

It's also possible to specify key, keyid and region via a profile, either passed in as a dict, or as a string to pull from pillars or minion config:

myprofile:
    keyid: GKTADJGHEIQSXMKKRBJ08H
    key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
        region: us-east-1
Ensure DynamoDB table does not exist:
  boto_dynamodb.absent:
    - table_name: new_table
    - keyid: GKTADJGHEIQSXMKKRBJ08H
    - key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
    - region: us-east-1

Ensure DynamoDB table exists:
  boto_dynamodb.present:
    - table_name: new_table
    - read_capacity_units: 1
    - write_capacity_units: 2
    - hash_key: primary_id
    - hash_key_data_type: N
    - range_key: start_timestamp
    - range_key_data_type: N
    - keyid: GKTADJGHEIQSXMKKRBJ08H
    - key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
    - region: us-east-1
    - local_indexes:
        - index:
            - name: "primary_id_end_timestamp_index"
            - hash_key: primary_id
            - hash_key_data_type: N
            - range_key: end_timestamp
            - range_key_data_type: N
    - global_indexes:
        - index:
            - name: "name_end_timestamp_index"
            - hash_key: name
            - hash_key_data_type: S
            - range_key: end_timestamp
            - range_key_data_type: N
            - read_capacity_units: 3
            - write_capacity_units: 4

It's possible to specify cloudwatch alarms that will be setup along with the DynamoDB table. Note the alarm name will be defined by the name attribute provided, plus the DynamoDB resource name.

Ensure DynamoDB table exists:
  boto_dynamodb.present:
    - name: new_table
    - read_capacity_units: 1
    - write_capacity_units: 2
    - hash_key: primary_id
    - hash_key_data_type: N
    - range_key: start_timestamp
    - range_key_data_type: N
    - alarms:
         ConsumedWriteCapacityUnits:
            name: 'DynamoDB ConsumedWriteCapacityUnits **MANAGED BY SALT**'
            attributes:
              metric: ConsumedWriteCapacityUnits
              namespace: AWS/DynamoDB
              statistic: Sum
              comparison: '>='
              # threshold_percent is used to calculate the actual threshold
              # based on the provisioned capacity for the table.
              threshold_percent: 0.75
              period: 300
              evaluation_periods: 2
              unit: Count
              description: 'DynamoDB ConsumedWriteCapacityUnits'
              alarm_actions: [ 'arn:aws:sns:us-east-1:1234:my-alarm' ]
              insufficient_data_actions: []
              ok_actions: [ 'arn:aws:sns:us-east-1:1234:my-alarm' ]
    - keyid: GKTADJGHEIQSXMKKRBJ08H
    - key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
    - region: us-east-1

You can also use alarms from pillars, and override values from the pillar alarms by setting overrides on the resource. Note that 'boto_dynamodb_alarms' will be used as a default value for all resources, if defined and can be used to ensure alarms are always set for a resource.

Setting the alarms in a pillar:

boto_dynamodb_alarms:
  ConsumedWriteCapacityUnits:
    name: 'DynamoDB ConsumedWriteCapacityUnits **MANAGED BY SALT**'
    attributes:
      metric: ConsumedWriteCapacityUnits
      namespace: AWS/DynamoDB
      statistic: Sum
      comparison: '>='
      # threshold_percent is used to calculate the actual threshold
      # based on the provisioned capacity for the table.
      threshold_percent: 0.75
      period: 300
      evaluation_periods: 2
      unit: Count
      description: 'DynamoDB ConsumedWriteCapacityUnits'
      alarm_actions: [ 'arn:aws:sns:us-east-1:1234:my-alarm' ]
      insufficient_data_actions: []
      ok_actions: [ 'arn:aws:sns:us-east-1:1234:my-alarm' ]

Ensure DynamoDB table exists:
  boto_dynamodb.present:
    - name: new_table
    - read_capacity_units: 1
    - write_capacity_units: 2
    - hash_key: primary_id
    - hash_key_data_type: N
    - range_key: start_timestamp
    - range_key_data_type: N
    - alarms:
         ConsumedWriteCapacityUnits:
            attributes:
              threshold_percent: 0.90
              period: 900
exception salt.states.boto_dynamodb.GsiNotUpdatableError

Raised when a global secondary index cannot be updated.

salt.states.boto_dynamodb.absent(name, region=None, key=None, keyid=None, profile=None)

Ensure the DynamoDB table does not exist.

name

Name of the DynamoDB table.

region

Region to connect to.

key

Secret key to be used.

keyid

Access key to be used.

profile

A dict with region, key and keyid, or a pillar key (string) that contains a dict with region, key and keyid.

salt.states.boto_dynamodb.present(name=None, table_name=None, region=None, key=None, keyid=None, profile=None, read_capacity_units=None, write_capacity_units=None, alarms=None, alarms_from_pillar='boto_dynamodb_alarms', hash_key=None, hash_key_data_type=None, range_key=None, range_key_data_type=None, local_indexes=None, global_indexes=None, backup_configs_from_pillars='boto_dynamodb_backup_configs')

Ensure the DynamoDB table exists. Table throughput can be updated after table creation.

Global secondary indexes (GSIs) are managed with some exceptions:

  • If a GSI deletion is detected, a failure will occur (deletes should be done manually in the AWS console).

  • If multiple GSIs are added in a single Salt call, a failure will occur (boto supports one creation at a time). Note that this only applies after table creation; multiple GSIs can be created during table creation.

  • Updates to existing GSIs are limited to read/write capacity only (DynamoDB limitation).

name

Name of the DynamoDB table

table_name

Name of the DynamoDB table (deprecated)

region

Region to connect to.

key

Secret key to be used.

keyid

Access key to be used.

profile

A dict with region, key and keyid, or a pillar key (string) that contains a dict with region, key and keyid.

read_capacity_units

The read throughput for this table

write_capacity_units

The write throughput for this table

hash_key

The name of the attribute that will be used as the hash key for this table

hash_key_data_type

The DynamoDB datatype of the hash key

range_key

The name of the attribute that will be used as the range key for this table

range_key_data_type

The DynamoDB datatype of the range key

local_indexes

The local indexes you would like to create

global_indexes

The global indexes you would like to create

backup_configs_from_pillars

Pillars to use to configure DataPipeline backups