From 421b5c0567d789ff2c6adf167ccf57c871c5e623 Mon Sep 17 00:00:00 2001
From: Brett Au <86862761+brett-au@users.noreply.github.com>
Date: Mon, 30 Sep 2024 13:20:56 -0400
Subject: [PATCH] feat: support delete protection for dynamodb (#1118)
---
modules/dynamodb/README.md | 1 +
modules/dynamodb/main.tf | 2 ++
modules/dynamodb/variables.tf | 6 ++++++
3 files changed, 9 insertions(+)
diff --git a/modules/dynamodb/README.md b/modules/dynamodb/README.md
index ff68e2682..df1d3ca2e 100644
--- a/modules/dynamodb/README.md
+++ b/modules/dynamodb/README.md
@@ -77,6 +77,7 @@ No resources.
| [autoscaler\_tags](#input\_autoscaler\_tags) | Additional resource tags for the autoscaler module | `map(string)` | `{}` | no |
| [billing\_mode](#input\_billing\_mode) | DynamoDB Billing mode. Can be PROVISIONED or PAY\_PER\_REQUEST | `string` | `"PROVISIONED"` | no |
| [context](#input\_context) | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. | `any` | {
"additional_tag_map": {},
"attributes": [],
"delimiter": null,
"descriptor_formats": {},
"enabled": true,
"environment": null,
"id_length_limit": null,
"label_key_case": null,
"label_order": [],
"label_value_case": null,
"labels_as_tags": [
"unset"
],
"name": null,
"namespace": null,
"regex_replace_chars": null,
"stage": null,
"tags": {},
"tenant": null
} | no |
+| [deletion\_protection\_enabled](#input\_deletion\_protection\_enabled) | Enable/disable DynamoDB table deletion protection | `bool` | `false` | no |
| [delimiter](#input\_delimiter) | Delimiter to be used between ID elements.
Defaults to `-` (hyphen). Set to `""` to use no delimiter at all. | `string` | `null` | no |
| [descriptor\_formats](#input\_descriptor\_formats) | Describe additional descriptors to be output in the `descriptors` output map.
Map of maps. Keys are names of descriptors. Values are maps of the form
`{
format = string
labels = list(string)
}`
(Type is `any` so the map values can later be enhanced to provide additional options.)
`format` is a Terraform format string to be passed to the `format()` function.
`labels` is a list of labels, in order, to pass to `format()` function.
Label values will be normalized before being passed to `format()` so they will be
identical to how they appear in `id`.
Default is `{}` (`descriptors` output will be empty). | `any` | `{}` | no |
| [dynamodb\_attributes](#input\_dynamodb\_attributes) | Additional DynamoDB attributes in the form of a list of mapped values | list(object({
name = string
type = string
})) | `[]` | no |
diff --git a/modules/dynamodb/main.tf b/modules/dynamodb/main.tf
index 979d66b2e..03982fb79 100644
--- a/modules/dynamodb/main.tf
+++ b/modules/dynamodb/main.tf
@@ -43,5 +43,7 @@ module "dynamodb_table" {
enable_point_in_time_recovery = var.point_in_time_recovery_enabled
+ deletion_protection_enabled = var.deletion_protection_enabled
+
context = module.this.context
}
diff --git a/modules/dynamodb/variables.tf b/modules/dynamodb/variables.tf
index a0e7b593e..a3ea0d22b 100644
--- a/modules/dynamodb/variables.tf
+++ b/modules/dynamodb/variables.tf
@@ -174,6 +174,12 @@ variable "replicas" {
description = "List of regions to create a replica table in"
}
+variable "deletion_protection_enabled" {
+ type = bool
+ default = false
+ description = "Enable/disable DynamoDB table deletion protection"
+}
+
variable "import_table" {
type = object({
# Valid values are GZIP, ZSTD and NONE