brave-wall-78117
01/29/2023, 12:55 PMpublic sealed class DynamoDbResource : ComponentResource
{
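/// <summary>
/// Declares the per-stack "user-trades" and "user-transfers" DynamoDB tables and the IAM role
/// built by <c>CreateIamRoleAndAllowActionsForTables</c>, then publishes their ARNs as outputs.
/// </summary>
/// <param name="name">Logical name of this component instance; forwarded to the base constructor.</param>
public DynamoDbResource(string name)
    : base("account-transactions-dynamodb", name)
{
    var stack = Deployment.Instance.StackName;

    // Both tables have the same shape: string hash key "Date", a string range key, on-demand billing,
    // and a physical name suffixed with the stack name so each stack gets its own tables.
    // NOTE(review): no ServerSideEncryption or PointInTimeRecovery settings are given, so the tables
    // use the provider defaults - confirm that is acceptable for account-transaction data.
    // NOTE(review): the tables are created without `Parent = this`, so they are not registered as
    // children of this component. Adding a parent to already-deployed resources changes their URNs,
    // so do it before first deployment or together with aliases.
    Table CreateTable(string resourceName, string tableNamePrefix, string rangeKey) =>
        new Table(resourceName, new()
        {
            Attributes = new[]
            {
                new TableAttributeArgs { Name = "Date", Type = "S" },
                new TableAttributeArgs { Name = rangeKey, Type = "S" },
            },
            Name = $"{tableNamePrefix}-{stack}",
            BillingMode = "PAY_PER_REQUEST",
            HashKey = "Date",
            RangeKey = rangeKey,
        });

    var userTradesTable = CreateTable("user-trades-table", "user-trades", "TradeSourceId");
    var userTransfersTable = CreateTable("user-transfers-table", "user-transfers", "TransferSourceId");

    // Both table ARNs are handed to the role helper so the inline policy can be scoped to them.
    var role = CreateIamRoleAndAllowActionsForTables(userTradesTable.Arn, userTransfersTable.Arn);

    UserTradesTableArn = userTradesTable.Arn;
    UserTransfersTableArn = userTransfersTable.Arn;
    RoleArn = role.Arn;

    // Tell the engine this component has finished registering resources and outputs.
    RegisterOutputs();
}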
/// <summary>ARN of the user-trades table, published under the output name "userTradesTable".</summary>
[Output("userTradesTable")]
public Output<string> UserTradesTableArn { get; set; }
/// <summary>ARN of the user-transfers table, published under the output name "userTransfersTable".</summary>
[Output("userTransfersTable")]
public Output<string> UserTransfersTableArn { get; set; }
/// <summary>ARN of the IAM role created for table access, published under the output name "role".</summary>
[Output("role")]
public Output<string> RoleArn { get; set; }
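/// <summary>
/// Creates an IAM role with an inline "dynamodb" policy that allows item writes, deletes, updates,
/// DescribeTable and Query on every table ARN passed in, plus account-wide ListTables.
/// </summary>
/// <param name="tables">ARNs of the tables the role may act on; at least one is required.</param>
/// <returns>The created role.</returns>
/// <exception cref="System.ArgumentException">No table ARN was supplied.</exception>
private Role CreateIamRoleAndAllowActionsForTables(params Output<string>[] tables)
{
    // An empty Resource list would produce a policy document IAM rejects, so fail early instead.
    if (tables is null || tables.Length == 0)
    {
        throw new System.ArgumentException("At least one table ARN is required.", nameof(tables));
    }

    var projectName = Deployment.Instance.ProjectName;

    // Trust policy: who may call sts:AssumeRole on this role.
    // The principal is the root of a hard-coded account, which delegates the decision to that
    // account: any identity there whose own IAM policy allows sts:AssumeRole on this role can use it.
    // NOTE(review): consider trusting the specific consumer role ARN instead of the account root,
    // and reading the account id from stack configuration rather than hard-coding it.
    var trustPolicy = JsonSerializer.Serialize(new Dictionary<string, object?>
    {
        ["Version"] = "2012-10-17",
        ["Statement"] = new[]
        {
            new Dictionary<string, object?>
            {
                ["Action"] = "sts:AssumeRole",
                ["Effect"] = "Allow",
                ["Sid"] = "",
                ["Principal"] = new Dictionary<string, object?>
                {
                    ["AWS"] = "arn:aws:iam::545464702807:root"
                }
            }
        }
    });

    var role = new Role($"{projectName}-role", new RoleArgs
    {
        AssumeRolePolicy = trustPolicy,
        InlinePolicies =
        {
            new RoleInlinePolicyArgs
            {
                Name = "dynamodb",
                // The ARNs are only known after deployment, so the document is built inside Apply.
                Policy = Output.All(tables).Apply(args =>
                {
                    // Scope the item-level statement to ALL supplied tables. The previous version
                    // used only args[0], so every table after the first was silently left out
                    // and calls against it would be denied.
                    var tableArns = new string[args.Length];
                    args.CopyTo(tableArns);

                    return JsonSerializer.Serialize(new Dictionary<string, object?>
                    {
                        ["Version"] = "2012-10-17",
                        ["Statement"] = new[]
                        {
                            new Dictionary<string, object?>
                            {
                                ["Action"] = new[]
                                {
                                    "dynamodb:BatchWriteItem",
                                    "dynamodb:PutItem",
                                    "dynamodb:DeleteItem",
                                    "dynamodb:UpdateItem",
                                    "dynamodb:DescribeTable",
                                    "dynamodb:Query"
                                },
                                ["Effect"] = "Allow",
                                ["Resource"] = tableArns
                            },
                            new Dictionary<string, object?>
                            {
                                // ListTables has no resource-level scoping, hence the wildcard;
                                // it lets the role enumerate table names in the account/region.
                                // NOTE(review): drop this statement if the consumer never lists tables.
                                ["Action"] = "dynamodb:ListTables",
                                ["Effect"] = "Allow",
                                ["Resource"] = "*"
                            }
                        }
                    });
                })
            }
        }
    });

    return role;
}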
}
Guys, I'm trying to figure out what the best practices are for the allocated services. Should I put all of the services in a ComponentResource? E.g. SQS, SNS, DynamoDB, S3, Secrets Manager