search

cloudposse / terraform-aws-dynamodb

Terraform module that implements AWS DynamoDB with support for AutoScaling
https://cloudposse.com/accelerate
Apache License 2.0
85 stars 113 forks source link

Using module in multiple regions causes duplicate naming errors for iam resources when autoscaled #22

Closed rmkbow closed 5 years ago

rmkbow commented 5 years ago

This mostly affects the autoscaler module but I was using it through this module.

I'm calling the module with two different region providers and get error similar to this:

Error: Error applying plan:

1 error(s) occurred:

* module.dynamodb_us-west-1.module.this.module.dynamodb_autoscaler.aws_iam_role.autoscaler: 1 error(s) occurred:

* aws_iam_role.autoscaler: Error creating IAM Role tablename-autoscaler: EntityAlreadyExists: Role with name tablename-autoscaler already exists.

I've gotten around this by locally by overriding the name parameter for the autoscaling section https://github.com/cloudposse/terraform-aws-dynamodb/blob/master/main.tf#L87


module "dynamodb_autoscaler" {
  source                       = "git::https://github.com/cloudposse/terraform-aws-dynamodb-autoscaler.git?ref=tags/0.2.4"
...
  name                         = "${var.name}-${data.aws_region.current.name}"

I'm doing this so I can create a aws_dynamodb_global_table resource that has the same table name in multiple regions. It appears this name parameter goes to the label module and is only used for the iam related resources in the autoscaler module.

My idea unfortunately breaks backwards compatibility since it would force destroy/create the iam resources so I haven't submitted a PR. Any other suggestions?

Could also have an iam name suffix or prefix parameter that the enduser could pass in themselves like I can put in a suffix of us-east-1 for the autoscaler name

aknysh commented 5 years ago

thanks @rmkbow for reporting this. we'll look into it, but for now you probably could use attributes = "${var.attributes}". The attributes are added tonamespace-stage-nameso it becomesnamespace-stage-name-attribute1-attrubute2-.... terraform-aws-dynamodb-autoscaleruses the samelabel` module, which will take care of joinung the provided attributes. One of the attribute could be a region name for example.

rmkbow commented 5 years ago

Attributes would also change the table name but the table name needs to be the same for each region for global tables 🤔

aknysh commented 5 years ago

@rmkbow thanks again, I understand what you said. Before we get time to update the module, you can do the following:

Everything that the autoscaler needs are the outputs from the dynamodb module

dynamodb_table_name          = "${aws_dynamodb_table.default.id}"
dynamodb_table_arn           = "${aws_dynamodb_table.default.arn}"
dynamodb_indexes             = ["${null_resource.global_secondary_index_names.*.triggers.name}"]

https://github.com/cloudposse/terraform-aws-dynamodb/blob/master/outputs.tf

rmkbow commented 5 years ago

That's a good workaround :) I didn't think about using the autoscaler separately 👍

aknysh commented 5 years ago

@rmkbow will close this for now. please reopen if needed