Error from CloudFormation when creating DynamoDB GSI
I'm getting the following error from cloudformation:
My snippet of template:
ConnectionsTable:
Type: AWS::DynamoDB::Table
DeletionPolicy: Delete
UpdateReplacePolicy: Delete
Properties:
AttributeDefinitions:
- AttributeName: UserID
AttributeType: 'S'
- AttributeName: WebsocketID
AttributeType: 'S'
KeySchema:
- AttributeName: UserID
KeyType: HASH
SSESpecification:
KMSMasterKeyId: !Ref ConnectionsTableKey
SSEEnabled: true
SSEType: KMS
GlobalSecondaryIndexes:
- IndexName: "WebsocketID"
KeySchema:
- AttributeName: WebsocketID
KeyType: HASH
Projection:
NonKeyAttributes:
- AgentID
ProjectionType: "INCLUDE"
ProvisionedThroughput:
ReadCapacityUnits: "0"
WriteCapacityUnits: "0"
BillingMode: PAY_PER_REQUEST
PointInTimeRecoverySpecification:
PointInTimeRecoveryEnabled: false
TimeToLiveSpecification:
AttributeName: ExpiryTimestamp
Enabled: true
I've tried without the ProvisionedThroughput block in the GSI, I've tried with it. I've tried without the GSI (that works), but then adding it in fails again.
I can't replicate it either - I've created a new template with just this table, and it creates quite happily.
Where am I going wrong?
- 최신
- 최다 투표
- 가장 많은 댓글
Okay - this is weird! In my scenario, there was some difference between the table and my stack. I /think/ it comes down to having this:
SSESpecification:
KMSMasterKeyId: !Ref ConnectionsTableKey
SSEEnabled: true
SSEType: KMS
In this case, the SSEType line is confusing things, as I want to use customer-managed keys, not the AWS default KMS for Dynamo. Removing this line, adding quotes around PAY_PER_REQUEST and a couple other small changes (removing the DeletionPolicy and UpdateReplacePolicy) seem to have fixed the issue.
Hello,
Couldn't get your exact issue. The below code block is working good for me and creating the table as well as GSI. both are ondemand capacity units.
Please let me if you still have any issues
PS : I have removed the KMS key reference, you can add it back and test.
AWSTemplateFormatVersion: "2010-09-09"
Resources:
ConnectionsTable:
Type: AWS::DynamoDB::Table
DeletionPolicy: Delete
UpdateReplacePolicy: Delete
Properties:
AttributeDefinitions:
- AttributeName: UserID
AttributeType: 'S'
- AttributeName: WebsocketID
AttributeType: 'S'
KeySchema:
- AttributeName: UserID
KeyType: HASH
GlobalSecondaryIndexes:
- IndexName: "WebsocketID"
KeySchema:
- AttributeName: WebsocketID
KeyType: HASH
Projection:
NonKeyAttributes:
- AgentID
ProjectionType: "INCLUDE"
ProvisionedThroughput:
ReadCapacityUnits: "0"
WriteCapacityUnits: "0"
BillingMode: PAY_PER_REQUEST
PointInTimeRecoverySpecification:
PointInTimeRecoveryEnabled: false
TimeToLiveSpecification:
AttributeName: ExpiryTimestamp
Enabled: true
Hi,
That's right. When you want to use Customer Managed Key (CMK) by specifying "KMSMasterKeyId" , Then you dont have to mention SSEEnabled and SSEType.
These 2 options applicable only when you want to use default aws managed key.
