From e7eddf747afe3b48253fec20ac8a55cc3768eae8 Mon Sep 17 00:00:00 2001 From: nnsense <2553412+nnsense@users.noreply.github.com> Date: Mon, 26 Aug 2024 15:59:39 +0000 Subject: [PATCH 1/7] Adds ddb resource policy --- main.tf | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/main.tf b/main.tf index 4302dd5..e2776e8 100644 --- a/main.tf +++ b/main.tf @@ -169,3 +169,13 @@ module "dynamodb_autoscaler" { context = module.this.context } + +variable "resource_policy" {} + +resource "aws_dynamodb_resource_policy" "default" { + count = local.enabled ? 1 : 0 + resource_arn = join("", aws_dynamodb_table.default[*].arn) + policy = var.resource_policy + + tags = module.this.tags +} \ No newline at end of file From 24e72deeb506682ab02fec70d92f92e04fa980eb Mon Sep 17 00:00:00 2001 From: nnsense <2553412+nnsense@users.noreply.github.com> Date: Tue, 27 Aug 2024 15:51:56 +0000 Subject: [PATCH 2/7] Add resource and vars --- main.tf | 10 +++------- variables.tf | 12 ++++++++++++ 2 files changed, 15 insertions(+), 7 deletions(-) diff --git a/main.tf b/main.tf index e2776e8..ee06c6c 100644 --- a/main.tf +++ b/main.tf @@ -170,12 +170,8 @@ module "dynamodb_autoscaler" { context = module.this.context } -variable "resource_policy" {} - resource "aws_dynamodb_resource_policy" "default" { - count = local.enabled ? 1 : 0 - resource_arn = join("", aws_dynamodb_table.default[*].arn) + count = local.enabled && var.attach_resource_policy ? 1 : 0 + resource_arn = join("", aws_dynamodb_table.default[*].stream_arn) policy = var.resource_policy - - tags = module.this.tags -} \ No newline at end of file +} diff --git a/variables.tf b/variables.tf index f8a57eb..9aa782c 100644 --- a/variables.tf +++ b/variables.tf 
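Review bot: The `aws_dynamodb_resource_policy` resource added to main.tf comes with no change to the module's provider constraint anywhere in this series. This resource type exists only in fairly recent releases of the AWS provider, so if versions.tf (not part of the patch) still admits older releases, consumers pinned to one will fail at plan time with an unsupported resource type. Consider raising the minimum `aws` version in `required_providers` to the first release that ships this resource, and regenerate the Requirements table in README.md and docs/terraform.md to match.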
@@ -208,3 +208,15 @@ variable "import_table" { default = null description = "Import Amazon S3 data into a new table." } + +variable "attach_resource_policy" { + type = bool + default = false + description = "Enable the resource policy settings for the table." +} + +variable "resource_policy" { + type = string + default = null + description = "An Amazon Web Services resource-based policy document in JSON format. Make sure it's less than 20k including spaces." +} From a61ffbcb2ad8e71465d31533946c3f5df442adde Mon Sep 17 00:00:00 2001 From: nnsense <2553412+nnsense@users.noreply.github.com> Date: Tue, 27 Aug 2024 15:53:02 +0000 Subject: [PATCH 3/7] update readme and docs --- README.md | 3 +++ docs/terraform.md | 5 ++++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index e8e4102..df52664 100644 --- a/README.md +++ b/README.md @@ -219,6 +219,7 @@ Available targets: | Name | Type | |------|------| +| [aws_dynamodb_resource_policy.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_resource_policy) | resource | | [aws_dynamodb_table.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table) | resource | | [null_resource.global_secondary_index_names](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | | [null_resource.local_secondary_index_names](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | @@ -228,6 +229,7 @@ Available targets: | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [additional\_tag\_map](#input\_additional\_tag\_map) | Additional key-value pairs to add to each map in `tags_as_list_of_maps`. Not added to `tags` or `id`.
This is for some rare cases where resources want additional configuration of tags
and therefore take a list of maps with tag key, value, and additional configuration. | `map(string)` | `{}` | no | +| [attach\_resource\_policy](#input\_attach\_resource\_policy) | Enable the resource policy settings for the table. | `bool` | `false` | no | | [attributes](#input\_attributes) | ID element. Additional attributes (e.g. `workers` or `cluster`) to add to `id`,
in the order they appear in the list. New attributes are appended to the
end of the list. The elements of the list are joined by the `delimiter`
and treated as a single ID element. | `list(string)` | `[]` | no | | [autoscale\_max\_read\_capacity](#input\_autoscale\_max\_read\_capacity) | DynamoDB autoscaling max read capacity | `number` | `20` | no | | [autoscale\_max\_write\_capacity](#input\_autoscale\_max\_write\_capacity) | DynamoDB autoscaling max write capacity | `number` | `20` | no | @@ -265,6 +267,7 @@ Available targets: | [range\_key\_type](#input\_range\_key\_type) | Range Key type, which must be a scalar type: `S`, `N`, or `B` for (S)tring, (N)umber or (B)inary data | `string` | `"S"` | no | | [regex\_replace\_chars](#input\_regex\_replace\_chars) | Terraform regular expression (regex) string.
Characters matching the regex will be removed from the ID elements.
If not set, `"/[^a-zA-Z0-9-]/"` is used to remove all characters other than hyphens, letters and digits. | `string` | `null` | no | | [replicas](#input\_replicas) | List of regions to create replica | `list(string)` | `[]` | no | +| [resource\_policy](#input\_resource\_policy) | An Amazon Web Services resource-based policy document in JSON format. Make sure it's less than 20k including spaces. | `string` | `null` | no | | [server\_side\_encryption\_kms\_key\_arn](#input\_server\_side\_encryption\_kms\_key\_arn) | The ARN of the CMK that should be used for the AWS KMS encryption. This attribute should only be specified if the key is different from the default DynamoDB CMK, alias/aws/dynamodb. | `string` | `null` | no | | [stage](#input\_stage) | ID element. Usually used to indicate role, e.g. 'prod', 'staging', 'source', 'build', 'test', 'deploy', 'release' | `string` | `null` | no | | [stream\_view\_type](#input\_stream\_view\_type) | When an item in the table is modified, what information is written to the stream | `string` | `""` | no | diff --git a/docs/terraform.md b/docs/terraform.md index 3bbe162..e43d560 100644 --- a/docs/terraform.md +++ b/docs/terraform.md 
@@ -18,13 +18,14 @@ | Name | Source | Version | |------|--------|---------| -| [dynamodb\_autoscaler](#module\_dynamodb\_autoscaler) | cloudposse/dynamodb-autoscaler/aws | 0.14.0 | +| [dynamodb\_autoscaler](#module\_dynamodb\_autoscaler) | cloudposse/dynamodb-autoscaler/aws | 0.16.0 | | [this](#module\_this) | cloudposse/label/null | 0.25.0 | ## Resources | Name | Type | |------|------| +| [aws_dynamodb_resource_policy.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_resource_policy) | resource | | [aws_dynamodb_table.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table) | resource | | [null_resource.global_secondary_index_names](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | | [null_resource.local_secondary_index_names](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | @@ -34,6 +35,7 @@ | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [additional\_tag\_map](#input\_additional\_tag\_map) | Additional key-value pairs to add to each map in `tags_as_list_of_maps`. Not added to `tags` or `id`.
This is for some rare cases where resources want additional configuration of tags
and therefore take a list of maps with tag key, value, and additional configuration. | `map(string)` | `{}` | no | +| [attach\_resource\_policy](#input\_attach\_resource\_policy) | Enable the resource policy settings for the table. | `bool` | `false` | no | | [attributes](#input\_attributes) | ID element. Additional attributes (e.g. `workers` or `cluster`) to add to `id`,
in the order they appear in the list. New attributes are appended to the
end of the list. The elements of the list are joined by the `delimiter`
and treated as a single ID element. | `list(string)` | `[]` | no | | [autoscale\_max\_read\_capacity](#input\_autoscale\_max\_read\_capacity) | DynamoDB autoscaling max read capacity | `number` | `20` | no | | [autoscale\_max\_write\_capacity](#input\_autoscale\_max\_write\_capacity) | DynamoDB autoscaling max write capacity | `number` | `20` | no | @@ -71,6 +73,7 @@ | [range\_key\_type](#input\_range\_key\_type) | Range Key type, which must be a scalar type: `S`, `N`, or `B` for (S)tring, (N)umber or (B)inary data | `string` | `"S"` | no | | [regex\_replace\_chars](#input\_regex\_replace\_chars) | Terraform regular expression (regex) string.
Characters matching the regex will be removed from the ID elements.
If not set, `"/[^a-zA-Z0-9-]/"` is used to remove all characters other than hyphens, letters and digits. | `string` | `null` | no | | [replicas](#input\_replicas) | List of regions to create replica | `list(string)` | `[]` | no | +| [resource\_policy](#input\_resource\_policy) | An Amazon Web Services resource-based policy document in JSON format. Make sure it's less than 20k including spaces. | `string` | `null` | no | | [server\_side\_encryption\_kms\_key\_arn](#input\_server\_side\_encryption\_kms\_key\_arn) | The ARN of the CMK that should be used for the AWS KMS encryption. This attribute should only be specified if the key is different from the default DynamoDB CMK, alias/aws/dynamodb. | `string` | `null` | no | | [stage](#input\_stage) | ID element. Usually used to indicate role, e.g. 'prod', 'staging', 'source', 'build', 'test', 'deploy', 'release' | `string` | `null` | no | | [stream\_view\_type](#input\_stream\_view\_type) | When an item in the table is modified, what information is written to the stream | `string` | `""` | no | From f9025ece07f30419780ba0c6e1358b919d987ba2 Mon Sep 17 00:00:00 2001 From: nnsense <2553412+nnsense@users.noreply.github.com> Date: Tue, 27 Aug 2024 16:00:02 +0000 Subject: [PATCH 4/7] Add resource and vars --- main.tf | 12 +++++++++--- variables.tf | 11 +++++++++-- 2 files changed, 18 insertions(+), 5 deletions(-) diff --git a/main.tf b/main.tf index ee06c6c..59cdc9a 100644 --- a/main.tf +++ b/main.tf 
@@ -170,8 +170,14 @@ module "dynamodb_autoscaler" { context = module.this.context } -resource "aws_dynamodb_resource_policy" "default" { - count = local.enabled && var.attach_resource_policy ? 1 : 0 +resource "aws_dynamodb_resource_policy" "table" { + count = local.enabled && var.table_resource_policy != null ? 1 : 0 resource_arn = join("", aws_dynamodb_table.default[*].stream_arn) - policy = var.resource_policy + policy = var.table_resource_policy +} + +resource "aws_dynamodb_resource_policy" "stream" { + count = local.enabled && var.stream_resource_policy != null ? 1 : 0 + resource_arn = join("", aws_dynamodb_table.default[*].stream_arn) + policy = var.stream_resource_policy } diff --git a/variables.tf b/variables.tf index 9aa782c..ba3e917 100644 --- a/variables.tf +++ b/variables.tf @@ -215,8 +215,15 @@ variable "attach_resource_policy" { description = "Enable the resource policy settings for the table." } -variable "resource_policy" { +variable "table_resource_policy" { type = string default = null - description = "An Amazon Web Services resource-based policy document in JSON format. Make sure it's less than 20k including spaces." + description = "An Amazon Web Services resource-based policy document in JSON format setting the permissions for the Dynamo DB table. Make sure it's less than 20k including spaces." } + +variable "stream_resource_policy" { + type = string + default = null + description = "An Amazon Web Services resource-based policy document in JSON format setting the permissions for the Dynamo DB stream. Make sure it's less than 20k including spaces." +} + From eda54d0cc0ea396b7a5ad97ca90c64181ddcc878 Mon Sep 17 00:00:00 2001 From: nnsense <2553412+nnsense@users.noreply.github.com> Date: Tue, 27 Aug 2024 16:02:19 +0000 Subject: [PATCH 5/7] update readme and docs --- README.md | 7 ++++--- docs/terraform.md | 7 ++++--- variables.tf | 6 ------ 3 files changed, 8 insertions(+), 12 deletions(-) 
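Review bot: The `stream` policy resource in main.tf is created whenever `var.stream_resource_policy` is non-null, even if the table has no stream. In that case `join("", aws_dynamodb_table.default[*].stream_arn)` is presumably empty and the apply fails on an invalid ARN. Gate the count on the same condition the table uses to enable its stream (defined outside this hunk), e.g. `count = local.enabled && <stream-enabled condition> && var.stream_resource_policy != null ? 1 : 0`. Separately, a `!= null` test inside `count` may not be evaluable at plan time when the caller builds the policy from values known only after apply, such as this table's own ARN, which is the usual `Resource` of such a policy. The boolean `attach_resource_policy` switch that this hunk stops using avoided that problem.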
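Review bot: `table_resource_policy` and `stream_resource_policy` in variables.tf accept any string and main.tf hands it to the provider verbatim, so a malformed or overly broad document is only caught (or not) at apply time. A resource-based policy is what grants other principals and accounts access to the table and its stream, so the descriptions should say that the caller is responsible for scoping `Principal` and `Action`, and should recommend generating the JSON with `aws_iam_policy_document` rather than hand-writing it. A `validation` block that at least checks the value parses as JSON would reject obvious mistakes at plan time; the same block applies to `stream_resource_policy`.

```hcl
variable "table_resource_policy" {
  # … unchanged: type, default, description …
  validation {
    condition     = var.table_resource_policy == null || can(jsondecode(var.table_resource_policy))
    error_message = "table_resource_policy must be null or a JSON policy document."
  }
}
```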
diff --git a/README.md b/README.md index df52664..b864f2f 100644 --- a/README.md +++ b/README.md @@ -219,7 +219,8 @@ Available targets: | Name | Type | |------|------| -| [aws_dynamodb_resource_policy.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_resource_policy) | resource | +| [aws_dynamodb_resource_policy.stream](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_resource_policy) | resource | +| [aws_dynamodb_resource_policy.table](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_resource_policy) | resource | | [aws_dynamodb_table.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table) | resource | | [null_resource.global_secondary_index_names](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | | [null_resource.local_secondary_index_names](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | @@ -229,7 +230,6 @@ Available targets: | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [additional\_tag\_map](#input\_additional\_tag\_map) | Additional key-value pairs to add to each map in `tags_as_list_of_maps`. Not added to `tags` or `id`.
This is for some rare cases where resources want additional configuration of tags
and therefore take a list of maps with tag key, value, and additional configuration. | `map(string)` | `{}` | no | -| [attach\_resource\_policy](#input\_attach\_resource\_policy) | Enable the resource policy settings for the table. | `bool` | `false` | no | | [attributes](#input\_attributes) | ID element. Additional attributes (e.g. `workers` or `cluster`) to add to `id`,
in the order they appear in the list. New attributes are appended to the
end of the list. The elements of the list are joined by the `delimiter`
and treated as a single ID element. | `list(string)` | `[]` | no | | [autoscale\_max\_read\_capacity](#input\_autoscale\_max\_read\_capacity) | DynamoDB autoscaling max read capacity | `number` | `20` | no | | [autoscale\_max\_write\_capacity](#input\_autoscale\_max\_write\_capacity) | DynamoDB autoscaling max write capacity | `number` | `20` | no | @@ -267,12 +267,13 @@ Available targets: | [range\_key\_type](#input\_range\_key\_type) | Range Key type, which must be a scalar type: `S`, `N`, or `B` for (S)tring, (N)umber or (B)inary data | `string` | `"S"` | no | | [regex\_replace\_chars](#input\_regex\_replace\_chars) | Terraform regular expression (regex) string.
Characters matching the regex will be removed from the ID elements.
If not set, `"/[^a-zA-Z0-9-]/"` is used to remove all characters other than hyphens, letters and digits. | `string` | `null` | no | | [replicas](#input\_replicas) | List of regions to create replica | `list(string)` | `[]` | no | -| [resource\_policy](#input\_resource\_policy) | An Amazon Web Services resource-based policy document in JSON format. Make sure it's less than 20k including spaces. | `string` | `null` | no | | [server\_side\_encryption\_kms\_key\_arn](#input\_server\_side\_encryption\_kms\_key\_arn) | The ARN of the CMK that should be used for the AWS KMS encryption. This attribute should only be specified if the key is different from the default DynamoDB CMK, alias/aws/dynamodb. | `string` | `null` | no | | [stage](#input\_stage) | ID element. Usually used to indicate role, e.g. 'prod', 'staging', 'source', 'build', 'test', 'deploy', 'release' | `string` | `null` | no | +| [stream\_resource\_policy](#input\_stream\_resource\_policy) | An Amazon Web Services resource-based policy document in JSON format setting the permissions for the Dynamo DB stream. Make sure it's less than 20k including spaces. | `string` | `null` | no | | [stream\_view\_type](#input\_stream\_view\_type) | When an item in the table is modified, what information is written to the stream | `string` | `""` | no | | [table\_class](#input\_table\_class) | DynamoDB storage class of the table. Can be STANDARD or STANDARD\_INFREQUENT\_ACCESS | `string` | `"STANDARD"` | no | | [table\_name](#input\_table\_name) | Table name. If provided, the bucket will be created with this name instead of generating the name from the context | `string` | `null` | no | +| [table\_resource\_policy](#input\_table\_resource\_policy) | An Amazon Web Services resource-based policy document in JSON format setting the permissions for the Dynamo DB table. Make sure it's less than 20k including spaces. | `string` | `null` | no | | [tags](#input\_tags) | Additional tags (e.g. `{'BusinessUnit': 'XYZ'}`).
Neither the tag keys nor the tag values will be modified by this module. | `map(string)` | `{}` | no | | [tags\_enabled](#input\_tags\_enabled) | Set to `false` to disable tagging. This can be helpful if you're managing tables on dynamodb-local with terraform as it doesn't support tagging. | `bool` | `true` | no | | [tenant](#input\_tenant) | ID element \_(Rarely used, not included by default)\_. A customer identifier, indicating who this instance of a resource is for | `string` | `null` | no | diff --git a/docs/terraform.md b/docs/terraform.md index e43d560..7bbeef7 100644 --- a/docs/terraform.md +++ b/docs/terraform.md @@ -25,7 +25,8 @@ | Name | Type | |------|------| -| [aws_dynamodb_resource_policy.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_resource_policy) | resource | +| [aws_dynamodb_resource_policy.stream](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_resource_policy) | resource | +| [aws_dynamodb_resource_policy.table](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_resource_policy) | resource | | [aws_dynamodb_table.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table) | resource | | [null_resource.global_secondary_index_names](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | | [null_resource.local_secondary_index_names](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | @@ -35,7 +36,6 @@ | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [additional\_tag\_map](#input\_additional\_tag\_map) | Additional key-value pairs to add to each map in `tags_as_list_of_maps`. Not added to `tags` or `id`.
This is for some rare cases where resources want additional configuration of tags
and therefore take a list of maps with tag key, value, and additional configuration. | `map(string)` | `{}` | no | -| [attach\_resource\_policy](#input\_attach\_resource\_policy) | Enable the resource policy settings for the table. | `bool` | `false` | no | | [attributes](#input\_attributes) | ID element. Additional attributes (e.g. `workers` or `cluster`) to add to `id`,
in the order they appear in the list. New attributes are appended to the
end of the list. The elements of the list are joined by the `delimiter`
and treated as a single ID element. | `list(string)` | `[]` | no | | [autoscale\_max\_read\_capacity](#input\_autoscale\_max\_read\_capacity) | DynamoDB autoscaling max read capacity | `number` | `20` | no | | [autoscale\_max\_write\_capacity](#input\_autoscale\_max\_write\_capacity) | DynamoDB autoscaling max write capacity | `number` | `20` | no | @@ -73,12 +73,13 @@ | [range\_key\_type](#input\_range\_key\_type) | Range Key type, which must be a scalar type: `S`, `N`, or `B` for (S)tring, (N)umber or (B)inary data | `string` | `"S"` | no | | [regex\_replace\_chars](#input\_regex\_replace\_chars) | Terraform regular expression (regex) string.
Characters matching the regex will be removed from the ID elements.
If not set, `"/[^a-zA-Z0-9-]/"` is used to remove all characters other than hyphens, letters and digits. | `string` | `null` | no | | [replicas](#input\_replicas) | List of regions to create replica | `list(string)` | `[]` | no | -| [resource\_policy](#input\_resource\_policy) | An Amazon Web Services resource-based policy document in JSON format. Make sure it's less than 20k including spaces. | `string` | `null` | no | | [server\_side\_encryption\_kms\_key\_arn](#input\_server\_side\_encryption\_kms\_key\_arn) | The ARN of the CMK that should be used for the AWS KMS encryption. This attribute should only be specified if the key is different from the default DynamoDB CMK, alias/aws/dynamodb. | `string` | `null` | no | | [stage](#input\_stage) | ID element. Usually used to indicate role, e.g. 'prod', 'staging', 'source', 'build', 'test', 'deploy', 'release' | `string` | `null` | no | +| [stream\_resource\_policy](#input\_stream\_resource\_policy) | An Amazon Web Services resource-based policy document in JSON format setting the permissions for the Dynamo DB stream. Make sure it's less than 20k including spaces. | `string` | `null` | no | | [stream\_view\_type](#input\_stream\_view\_type) | When an item in the table is modified, what information is written to the stream | `string` | `""` | no | | [table\_class](#input\_table\_class) | DynamoDB storage class of the table. Can be STANDARD or STANDARD\_INFREQUENT\_ACCESS | `string` | `"STANDARD"` | no | | [table\_name](#input\_table\_name) | Table name. If provided, the bucket will be created with this name instead of generating the name from the context | `string` | `null` | no | +| [table\_resource\_policy](#input\_table\_resource\_policy) | An Amazon Web Services resource-based policy document in JSON format setting the permissions for the Dynamo DB table. Make sure it's less than 20k including spaces. | `string` | `null` | no | | [tags](#input\_tags) | Additional tags (e.g. `{'BusinessUnit': 'XYZ'}`).
Neither the tag keys nor the tag values will be modified by this module. | `map(string)` | `{}` | no | | [tags\_enabled](#input\_tags\_enabled) | Set to `false` to disable tagging. This can be helpful if you're managing tables on dynamodb-local with terraform as it doesn't support tagging. | `bool` | `true` | no | | [tenant](#input\_tenant) | ID element \_(Rarely used, not included by default)\_. A customer identifier, indicating who this instance of a resource is for | `string` | `null` | no | diff --git a/variables.tf b/variables.tf index ba3e917..3361122 100644 --- a/variables.tf +++ b/variables.tf @@ -209,12 +209,6 @@ variable "import_table" { description = "Import Amazon S3 data into a new table." } -variable "attach_resource_policy" { - type = bool - default = false - description = "Enable the resource policy settings for the table." -} - variable "table_resource_policy" { type = string default = null From 0698e77138c4b15af64995bc95cbec0c366494db Mon Sep 17 00:00:00 2001 From: nnsense <2553412+nnsense@users.noreply.github.com> Date: Tue, 27 Aug 2024 16:10:06 +0000 Subject: [PATCH 6/7] fix resource pointer --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index 59cdc9a..78bf0a0 100644 --- a/main.tf +++ b/main.tf @@ -172,7 +172,7 @@ module "dynamodb_autoscaler" { resource "aws_dynamodb_resource_policy" "table" { count = local.enabled && var.table_resource_policy != null ? 1 : 0 - resource_arn = join("", aws_dynamodb_table.default[*].stream_arn) + resource_arn = join("", aws_dynamodb_table.default[*].arn) policy = var.table_resource_policy } From 03e654efcf8fcff8cf0a9531970256f9d65ea3af Mon Sep 17 00:00:00 2001 From: nnsense <2553412+nnsense@users.noreply.github.com> Date: Wed, 28 Aug 2024 19:47:20 +0000 Subject: [PATCH 7/7] Adding test vars to examples --- examples/complete/main.tf | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) 
diff --git a/examples/complete/main.tf b/examples/complete/main.tf index 24ab62a..5e68126 100644 --- a/examples/complete/main.tf +++ b/examples/complete/main.tf @@ -5,10 +5,12 @@ provider "aws" { module "dynamodb_table_1" { source = "../../" - name = "first" - hash_key = "HashKey" - range_key = "RangeKey" - enable_autoscaler = true + name = "first" + hash_key = "HashKey" + range_key = "RangeKey" + enable_autoscaler = true + table_resource_policy = "{}" + stream_resource_policy = "{}" dynamodb_attributes = [ {
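Review bot: The example passes `"{}"` for both `table_resource_policy` and `stream_resource_policy`, which has no `Version` or `Statement`, so it neither demonstrates a real resource policy nor tests that one grants the intended access; the service may simply reject it. Since users copy examples, show a least-privilege document instead, e.g. `table_resource_policy = data.aws_iam_policy_document.table.json` (data source name illustrative) with a named principal and specific `dynamodb:` actions rather than wildcards. `stream_resource_policy` also requires `dynamodb_table_1` to have a stream; the rest of this module block lies outside the hunk, so confirm streams are enabled there.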