diff --git a/services/terraform/dev/main.tf b/services/terraform/dev/main.tf index 3f70f28ef..7eb02bfd0 100644 --- a/services/terraform/dev/main.tf +++ b/services/terraform/dev/main.tf @@ -1,39 +1,40 @@ locals { aws_settings = ({ region = "us-east-2" access_key = "fake" secret_key = "fake" skip_credentials_validation = true skip_metadata_api_check = true skip_requesting_account_id = true s3_use_path_style = true override_endpoint = "http://localhost:4566" }) } provider "aws" { region = local.aws_settings.region access_key = local.aws_settings.access_key secret_key = local.aws_settings.secret_key skip_credentials_validation = local.aws_settings.skip_credentials_validation skip_metadata_api_check = local.aws_settings.skip_metadata_api_check skip_requesting_account_id = local.aws_settings.skip_requesting_account_id s3_use_path_style = local.aws_settings.s3_use_path_style dynamic "endpoints" { for_each = local.aws_settings.override_endpoint[*] content { dynamodb = endpoints.value s3 = endpoints.value } } } # Shared resources between local dev environment and remote AWS module "shared" { source = "../modules/shared" + is_dev = true } diff --git a/services/terraform/modules/shared/dynamodb.tf b/services/terraform/modules/shared/dynamodb.tf index 0bf38f79b..14cb23be0 100644 --- a/services/terraform/modules/shared/dynamodb.tf +++ b/services/terraform/modules/shared/dynamodb.tf @@ -1,277 +1,272 @@ resource "aws_dynamodb_table" "backup-service-backup" { - name = "backup-service-backup" - hash_key = "userID" - range_key = "backupID" - write_capacity = 10 - read_capacity = 10 + name = "backup-service-backup" + hash_key = "userID" + range_key = "backupID" + billing_mode = "PAY_PER_REQUEST" attribute { name = "userID" type = "S" } attribute { name = "backupID" type = "S" } attribute { name = "created" type = "S" } global_secondary_index { name = "userID-created-index" hash_key = "userID" range_key = "created" - write_capacity = 10 - read_capacity = 10 projection_type = "INCLUDE" non_key_attributes = ["recoveryData"] } } resource "aws_dynamodb_table" "backup-service-log" { - name = "backup-service-log" - hash_key = "backupID" - range_key = "logID" - write_capacity = 10 - read_capacity = 10 + name = "backup-service-log" + hash_key = "backupID" + range_key = "logID" + billing_mode = "PAY_PER_REQUEST" attribute { name = "backupID" type = "S" } attribute { name = "logID" type = "S" } } resource "aws_dynamodb_table" "blob-service-blob" { - name = "blob-service-blob" - hash_key = "blobHash" - write_capacity = 10 - read_capacity = 10 + name = "blob-service-blob" + hash_key = "blobHash" + billing_mode = "PAY_PER_REQUEST" attribute { name = "blobHash" type = "S" } } resource "aws_dynamodb_table" "blob-service-reverse-index" { - name = "blob-service-reverse-index" - hash_key = "holder" - write_capacity = 10 - read_capacity = 10 + name = "blob-service-reverse-index" + hash_key = "holder" + billing_mode = "PAY_PER_REQUEST" attribute { name = "holder" type = "S" } attribute { name = "blobHash" type = "S" } global_secondary_index { name = "blobHash-index" hash_key = "blobHash" - write_capacity = 10 - read_capacity = 10 projection_type = "ALL" } } resource "aws_dynamodb_table" "blob-service-blobs" { - name = "blob-service-blobs" - hash_key = "blob_hash" - range_key = "holder" + name = "blob-service-blobs" + hash_key = "blob_hash" + range_key = "holder" billing_mode = "PAY_PER_REQUEST" attribute { name = "blob_hash" type = "S" } attribute { name = "holder" type = "S" } attribute { name = "last_modified" type = "N" } attribute { name = "unchecked" type = "S" } global_secondary_index { - name = "unchecked-index" - hash_key = "unchecked" - range_key = "last_modified" - - projection_type = "INCLUDE" - non_key_attributes = ["blob_hash", "holder"] + name = "unchecked-index" + hash_key = "unchecked" + range_key = "last_modified" + projection_type = "KEYS_ONLY" } } resource "aws_dynamodb_table" "tunnelbroker-undelivered-messages" { - name = "tunnelbroker-undelivered-messages" - hash_key = "deviceID" - range_key = "createdAt" - write_capacity = 10 - read_capacity = 10 + # This table doesnt exist in prod + count = var.is_dev ? 1 : 0 + + name = "tunnelbroker-undelivered-messages" + hash_key = "deviceID" + range_key = "createdAt" + billing_mode = "PAY_PER_REQUEST" attribute { name = "deviceID" type = "S" } attribute { name = "createdAt" type = "N" } } resource "aws_dynamodb_table" "identity-users" { - name = "identity-users" - hash_key = "userID" - write_capacity = 10 - read_capacity = 10 + name = "identity-users" + hash_key = "userID" + billing_mode = "PAY_PER_REQUEST" attribute { name = "userID" type = "S" } attribute { name = "username" type = "S" } - attribute { - name = "walletAddress" - type = "S" + # walletAddress not defined in prod + dynamic "attribute" { + # Create a dummy list to iterate over if is_dev is true + for_each = var.is_dev ? [1] : [] + content { + name = "walletAddress" + type = "S" + } } global_secondary_index { name = "username-index" hash_key = "username" - write_capacity = 10 - read_capacity = 10 projection_type = "KEYS_ONLY" } - global_secondary_index { - name = "walletAddress-index" - hash_key = "walletAddress" - write_capacity = 10 - read_capacity = 10 - projection_type = "KEYS_ONLY" + # walletAddress not defined in prod + dynamic "global_secondary_index" { + # Create a dummy list to iterate over if is_dev is true + for_each = var.is_dev ? [1] : [] + content { + name = "walletAddress-index" + hash_key = "walletAddress" + projection_type = "KEYS_ONLY" + } } } # Identity users with opaque_ke 2.0 credentials resource "aws_dynamodb_table" "identity-users-opaque2" { - name = "identity-users-opaque2" - hash_key = "userID" - write_capacity = 10 - read_capacity = 10 + # This table doesnt exist in prod + count = var.is_dev ? 1 : 0 + + name = "identity-users-opaque2" + hash_key = "userID" + billing_mode = "PAY_PER_REQUEST" attribute { name = "userID" type = "S" } attribute { name = "username" type = "S" } attribute { name = "walletAddress" type = "S" } global_secondary_index { name = "username-index" hash_key = "username" - write_capacity = 10 - read_capacity = 10 projection_type = "KEYS_ONLY" } global_secondary_index { name = "walletAddress-index" hash_key = "walletAddress" - write_capacity = 10 - read_capacity = 10 projection_type = "KEYS_ONLY" } } resource "aws_dynamodb_table" "identity-tokens" { - name = "identity-tokens" - hash_key = "userID" - range_key = "signingPublicKey" - write_capacity = 10 - read_capacity = 10 + name = "identity-tokens" + hash_key = "userID" + range_key = "signingPublicKey" + billing_mode = "PAY_PER_REQUEST" attribute { name = "userID" type = "S" } attribute { name = "signingPublicKey" type = "S" } } resource "aws_dynamodb_table" "identity-nonces" { - name = "identity-nonces" - hash_key = "nonce" - write_capacity = 10 - read_capacity = 10 + # This table doesnt exist in prod + count = var.is_dev ? 1 : 0 + + name = "identity-nonces" + hash_key = "nonce" + billing_mode = "PAY_PER_REQUEST" attribute { name = "nonce" type = "S" } } resource "aws_dynamodb_table" "identity-reserved-usernames" { - name = "identity-reserved-usernames" - hash_key = "username" - write_capacity = 10 - read_capacity = 10 + name = "identity-reserved-usernames" + hash_key = "username" + billing_mode = "PAY_PER_REQUEST" attribute { name = "username" type = "S" } } resource "aws_dynamodb_table" "feature-flags" { name = "feature-flags" hash_key = "platform" range_key = "feature" billing_mode = "PAY_PER_REQUEST" attribute { name = "platform" type = "S" } attribute { name = "feature" type = "S" } } diff --git a/services/terraform/modules/shared/variables.tf b/services/terraform/modules/shared/variables.tf new file mode 100644 index 000000000..de486208d --- /dev/null +++ b/services/terraform/modules/shared/variables.tf @@ -0,0 +1,4 @@ +variable "is_dev" { + type = bool + default = false +}