Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support cross account DynamoDB source tables #4424

Open
graytaylor0 opened this issue Apr 16, 2024 · 2 comments · May be fixed by #4776
Open

Support cross account DynamoDB source tables #4424

graytaylor0 opened this issue Apr 16, 2024 · 2 comments · May be fixed by #4776
Assignees
@dlvenable
Labels
enhancement New feature or request good first issue Good for newcomers
Milestone
v2.10

Comments

@graytaylor0
Copy link
Member

Is your feature request related to a problem? Please describe.
With the addition of DynamoDB resource policies, data prepper can now assume a role in account A and access a table in account B. However, the Data Prepper DynamodB source only passes the table name to some requests, instead of the full table ARN (

data-prepper/data-prepper-plugins/dynamodb-source/src/main/java/org/opensearch/dataprepper/plugins/source/dynamodb/leader/LeaderScheduler.java

Line 240 in 11b18cd

.tableName(tableName)
). Changing this in all the calls that allow table arn will allow this support.

Describe alternatives you've considered (Optional)
A clear and concise description of any alternative solutions or features you've considered.

Additional context
Add any other context or screenshots about the feature request here.
@graytaylor0 graytaylor0 added untriaged enhancement New feature or request and removed untriaged labels Apr 16, 2024
@dlvenable
Copy link
Member

As noted in the documentation, DynamoDB now supports passing the table ARN instead of the name to the TableName parameter.

https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeTable.html#API_DescribeTable_RequestSyntax

Thus, we mainly need to just provide the ARN rather than have to extract the table name.

We can change this line:

data-prepper/data-prepper-plugins/dynamodb-source/src/main/java/org/opensearch/dataprepper/plugins/source/dynamodb/leader/LeaderScheduler.java

Line 234 in 77d8812

String tableName = TableUtil.getTableNameFromArn(tableConfig.getTableArn());

to:

String tableName = tableConfig.getTableArn();

We may still want some logging to use the tableName only.

We will need to make this change for any other interaction with DynamoDB.

@dlvenable dlvenable added the good first issue Good for newcomers label Jul 18, 2024
@dlvenable dlvenable self-assigned this Jul 30, 2024
@dlvenable dlvenable added this to the v2.9 milestone Jul 30, 2024
dlvenable added a commit to dlvenable/data-prepper that referenced this issue Jul 31, 2024
@dlvenable
Support cross account DynamoDB tables for streams.
f2a2823 
Update requests to DynamoDB to provide the table ARN instead of the table name. This allows Data Prepper to use the new cross-account and resource policy changes available in DynamoDB.

Resolves opensearch-project#4424

Signed-off-by: David Venable <dlv@amazon.com>
@dlvenable dlvenable linked a pull request Jul 31, 2024 that will close this issue
Open
4 tasks
@dlvenable
Copy link
Member

I've opened #4776 to support the table ARN. This works for streams. However, export gives the following error:

2024-07-30T23:40:30,615 [pool-11-thread-2] INFO  org.opensearch.dataprepper.plugins.source.dynamodb.export.ExportScheduler - Submitting a new export job for table arn:aws:dynamodb:us-west-2:123456789012:table/SampleCrossAccount with export time 2024-07-30T22:42:35.225Z
2024-07-30T23:40:31,196 [pool-11-thread-2] ERROR org.opensearch.dataprepper.plugins.source.dynamodb.export.ExportTaskManager - Failed to submit an export job with error This action is only supported by accounts that match the resource owner?s account. (Service: DynamoDb, Status Code: 400, Request ID: ZNLGONJUC8NHLHSG7P65O4SHA3VV4KQMSO5AEMVJF67Q9ASXBAJG)

@dlvenable dlvenable modified the milestones: v2.9, v2.10 Aug 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dlvenable dlvenable

Labels
enhancement New feature or request good first issue Good for newcomers
Projects
Data Prepper Tracking Board
Status: Unplanned
Milestone
v2.10
Development

Successfully merging a pull request may close this issue.

Support cross account DynamoDB tables for streams. dlvenable/data-prepper
2 participants
@dlvenable @graytaylor0