-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathDynamoDbTable.ts
More file actions
55 lines (48 loc) · 1.42 KB
/
DynamoDbTable.ts
File metadata and controls
55 lines (48 loc) · 1.42 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
import {Construct} from "constructs"
import {RemovalPolicy} from "aws-cdk-lib"
import {
AttributeType,
Billing,
TableEncryptionV2,
TableV2
} from "aws-cdk-lib/aws-dynamodb"
import {Key} from "aws-cdk-lib/aws-kms"
export interface DynamoDbTableProps {
readonly tableName: string
readonly partitionKey: {
name: string
type: AttributeType
}
readonly sortKey?: {
name: string
type: AttributeType
}
readonly timeToLiveAttribute?: string
}
export class DynamoDbTable extends Construct {
public readonly table: TableV2
public readonly kmsKey: Key
constructor(scope: Construct, id: string, props: DynamoDbTableProps) {
super(scope, id)
const kmsKey = new Key(this, "TableKey", {
enableKeyRotation: true,
description: `KMS key for ${props.tableName} DynamoDB table encryption`,
removalPolicy: RemovalPolicy.DESTROY
})
kmsKey.addAlias(`alias/${props.tableName}-dynamodb-key`)
const table = new TableV2(this, props.tableName, {
tableName: props.tableName,
partitionKey: props.partitionKey,
sortKey: props.sortKey,
billing: Billing.onDemand(),
timeToLiveAttribute: props.timeToLiveAttribute,
pointInTimeRecoverySpecification: {
pointInTimeRecoveryEnabled: true
},
removalPolicy: RemovalPolicy.DESTROY,
encryption: TableEncryptionV2.customerManagedKey(kmsKey)
})
this.kmsKey = kmsKey
this.table = table
}
}