- 新しい順
- 投票が多い順
- コメントが多い順
Hello,
I understand that you have a query regarding enforcing a specific partition key for the Kinesis PutRecord API.
-
Firstly I would like to mention that currently the IAM action -
PutRecord
doesn't support any condition keys. Also, it only support resource restriction in terms ofstream type
->arn:${Partition}:kinesis:${Region}:${Account}:stream/${StreamName}
-
Secondly, please note that partition key is a mandatory parameter when using PutRecord/PutRecords API call [1].
PartitionKey
Determines which shard in the stream the data record is assigned to. Partition keys are Unicode strings with a maximum length limit of 256 characters for each key. Amazon Kinesis Data Streams uses the partition key as input to a hash function that maps the partition key and associated data to a specific shard. Specifically, an MD5 hash function is used to map partition keys to 128-bit integer values and to map associated data records to shards. As a result of this hashing mechanism, all data records with the same partition key map to the same shard within the stream.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 256.
Required: Yes
-
As there is currently no way to restrict it from API's end using condition keys, you will have to create a custom implementation in your own application code to enforce the usage of a specific/single partition key restriction when calling the PutRecord API, however please note that the records will always land to a single shard in such a use case.
-
Finally, I also wanted to mention that the best practice provided by service team in regards to the partition key, is to use random partition keys such as uuid.
References:
[1] https://docs.aws.amazon.com/kinesis/latest/APIReference/API_PutRecord.html