Based on
- https://aws.amazon.com/blogs/database/cross-account-replication-with-amazon-dynamodb/
- https://github.com/aws-samples/cross-account-amazon-dynamodb-replication
- Enable dynamoDB streams on the source dynamoDB table
- Create an IAM role in the target account that has full access to the target dynamoDB table. This role will be assumed by the glue job during the initial migration and the lambda during the ongoing replication.
All resources should be deleted once the dynamoDB replication is no longer required.
- Perform terraform destroy on this module (or just dereference it from your stack and let terraform tidy the resources up)
- Disable the source table dynamoDB stream
- Remove the role created as part of pre-req
Simple example setup can be found in the examples folder
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| enabled | Indicates if the replication is enabled | bool |
false |
no |
| initial_load_sg | Security group for the initial load ECS task | string |
n/a | yes |
| initial_load_subnet | Subnet for the initial load ECS task | string |
n/a | yes |
| namespace | Namespace this resources belong to | string |
n/a | yes |
| source_table_name | Source Dynamo DB table name | string |
n/a | yes |
| source_table_stream_arn | Source Dynamo DB table stream ARN | string |
n/a | yes |
| stage | Deployment stage | string |
n/a | yes |
| stage_type | Deployment stage type | string |
n/a | yes |
| tags | A map of tags to assign to the resource. | map(string) |
n/a | yes |
| target_account | Target AWS Account Number | string |
n/a | yes |
| target_dynamodb_table_name | Target DynamoDB Table name | string |
n/a | yes |
| target_region | The region for the target DynamoDB table | string |
n/a | yes |
| target_role_arn | Target IAM Role name to be assumed by Lambda function and a Glue job | string |
n/a | yes |
No output.