Error while creating AWS Dynamodb Global table creation (V2)

[pradeepnnv]

Creation of Global tables (V2) via Terraform is failing if the TableMaxReadCapacityUnits or TableMaxWriteCapacityUnits are mismatching between replica regions.

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform CLI and Terraform AWS Provider Version

Terraform: v0.12.31 or v1.0.0 aws: ~> 3.48

Affected Resource(s)

• aws_dynamodb_table

Terraform Configuration Files

provider "aws" {
  region  = "us-east-1"
  version = "~> 3.48"
}
terraform {
  required_version = ">= 0.12.0"
}

resource "aws_dynamodb_table" "example" {
  name             = "example"
  hash_key         = "TestTableHashKey"
  billing_mode     = "PAY_PER_REQUEST"
  stream_enabled   = true
  stream_view_type = "NEW_AND_OLD_IMAGES"

  attribute {
    name = "TestTableHashKey"
    type = "S"
  }

  replica {
    region_name = "us-west-2"
  }
}

Debug Output

https://gist.github.com/pradeepnnv/f431a4be969a5c704d029154e16e357f

Panic Output

Expected Behavior

Dynamodb Global table with 2 replicas in us-east-1 & us-west-2 should be created.

Actual Behavior

Terraform failed with below error.

aws_dynamodb_table.example: Creating...

Error: error initially creating DynamoDB Table (example) replicas: error creating DynamoDB Table (example) replica (us-west-2): ValidationException: Failed to create or update global table with name ‘example‘ because tableMaxWriteCapacityUnits do not match in each replica region. Current limits are 'US-EAST-1: 40000', 'US-WEST-2: 20000'. Please contact https://aws.amazon.com/support for limit change.
    status code: 400, request id: D3RVGFGSG8OM0MLDALVN3UJ2IJVV4KQNSO5AEMVJF66Q9ASUAAJG

  on basic-dynamodb-table.tf line 9, in resource "aws_dynamodb_table" "example":
   9: resource "aws_dynamodb_table" "example" {

Table was created only us-east-1 without a replica.

Steps to Reproduce

Raise an AWS Service Limit Request to decrease/increase TableMaxReadCapacityUnits & TableMaxWriteCapacityUnits.

➜ aws dynamodb describe-limits --output json --no-cli-pager --region us-east-1
{
    "AccountMaxReadCapacityUnits": 80000,
    "AccountMaxWriteCapacityUnits": 80000,
    "TableMaxReadCapacityUnits": 40000,
    "TableMaxWriteCapacityUnits": 40000
}

➜ aws dynamodb describe-limits --output json --no-cli-pager --region us-west-2
{
    "AccountMaxReadCapacityUnits": 20000,
    "AccountMaxWriteCapacityUnits": 20000,
    "TableMaxReadCapacityUnits": 20000,
    "TableMaxWriteCapacityUnits": 20000
}

1. TF_LOG=TRACE TF_LOG_PATH=terraform-debug-output-terraform12.txt terraform12 apply --auto-approve

Important Factoids

TableMaxWriteCapacityUnits & TableMaxReadCapacityUnits values for Dynamodb is different in different regions.

The same example worked when billing mode was switched to PROVISIONED. Below is a working example.

provider "aws" {
  region  = "us-east-1"
  version = "~> 3.48"
}
terraform {
  required_version = ">= 0.12.0"
}

resource "aws_dynamodb_table" "example" {
  name             = "example"
  hash_key         = "TestTableHashKey"
  billing_mode     = "PROVISIONED"
  read_capacity    = 1
  write_capacity   = 1
  stream_enabled   = true
  stream_view_type = "NEW_AND_OLD_IMAGES"

  attribute {
    name = "TestTableHashKey"
    type = "S"
  }

  replica {
    region_name = "us-west-2"
  }
}

[Krishna-Desiraju]

Yeah we ran into the same issue with our project as well. Looks like terraform has an extra validation to check the quotas in region before replication. So, we decided to make the dynamodb limits/quotas consistent across the regions by submitting a support request for aws. That should resolve this error.

[github-actions[bot]]

Marking this issue as stale due to inactivity. This helps our maintainers find and focus on the active issues. If this issue receives no comments in the next 30 days it will automatically be closed. Maintainers can also remove the stale label.

If this issue was automatically closed and you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thank you!

[github-actions[bot]]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.