I creating a AWS CDK L3 Construct in TypeScript where I can create a Dynamodb table that just enables some secure features so I don't have to constantly set these features over and over again. This is "mvp" deployment
const table = new ddbTableSecure(this, "Table", {
partitionKey: { name: "id", type: dynamodb.AttributeType.STRING },
});
And Here is the CDK Construct code without the props
export class ddbTableSecure extends Construct {
table: dynamodb.Table;
constructor(scope: Construct, id: string, props: TableProps) {
super(scope, id);
const haveSortKey = props.sortKey != undefined && props.sortKey != null;
this.table = new dynamodb.Table(this, 'MyTable', {
partitionKey: props.partitionKey,
encryption: dynamodb.TableEncryption.AWS_MANAGED,
pointInTimeRecovery: true,
tableName: props.tableName,
tableClass: props.tableClass,
billingMode: props.billingMode,
replicationRegions: props.replicationRegions,
readCapacity: props.readCapacity,
writeCapacity: props.writeCapacity,
contributorInsightsEnabled: props.contributorInsightsEnabled,
timeToLiveAttribute: props.timeToLiveAttribute,
replicationTimeout: props.replicationTimeout,
stream: props.stream,
sortKey: haveSortKey ? props.sortKey : undefined,
waitForReplicationToFinish: props.waitForReplicationToFinish,
removalPolicy: props.removalPolicy,
kinesisStream: props.kinesisStream,
});
}
}
The code works, however i'm trying to figure out how to add an override where for example I dont want to use a AWS.Managed encryption but KMS. So I would provide a function/override for properties I dont want set in the construct code. So the instantiation of this construct would look like this
const table = new ddbTableSecure(this, "Table", {
partitionKey: { name: "id", type: dynamodb.AttributeType.STRING },
encryption: ddbSecure.override(dynamodb.TableEncryption.CUSTOMER_MANAGED)
});
This would help me build if I want to override said functionality for encryption and potentially other L3 constructs I build. I've tried creating an additional parameter just called override
const table = new ddbTableSecure(this, "Table", {
partitionKey: { name: "id", type: dynamodb.AttributeType.STRING },
encryption: ddbSecure.override(dynamodb.TableEncryption.CUSTOMER_MANAGED)
},
override: True
);
The CDK construct would recognize that the the override is enabled and allow for updates to the CDK Construct DynamoDB table. This only works for one parameter and does not allow for additional overrides if need be.
How would I go about doing this? Am I approaching the problem from the wrong angle? Any and all help would be much appreciated
You can just do it like this:
export class ddbTableSecure extends Construct {
table: dynamodb.Table;
constructor(scope: Construct, id: string, props: TableProps) {
super(scope, id);
this.table = new dynamodb.Table(this, 'MyTable', {
encryption: dynamodb.TableEncryption.AWS_MANAGED,
pointInTimeRecovery: true,
...props,
});
}
}
// override any props
const table = new ddbTableSecure(this, "Table", {
partitionKey: { name: "id", type: dynamodb.AttributeType.STRING },
encryption: dynamodb.TableEncryption.CUSTOMER_MANAGED,
pointInTimeRecovery: false,
},
c.f. Spread syntax