Skip to content

Instantly share code, notes, and snippets.

@Mallear

Mallear/awscc_timestream_scheduled_query 1st apply in 2 steps

Last active September 7, 2023 08:58
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save Mallear/43107fd180fd7f4b1266f503f02d2fdf to your computer and use it in GitHub Desktop.
Save Mallear/43107fd180fd7f4b1266f503f02d2fdf to your computer and use it in GitHub Desktop.
Download ZIP
awscc_timestream_scheduled_query issue
Raw
awscc_timestream_scheduled_query 1st apply in 2 steps
data.aws_iam_policy.managed_timestream_full_access: Reading...
data.aws_caller_identity.current: Reading...
data.aws_iam_policy_document.assume_role_policy: Reading...
data.aws_iam_policy_document.assume_role_policy: Read complete after 0s [id=341341799]
data.aws_caller_identity.current: Read complete after 0s [id=1234567890]
data.aws_iam_policy.managed_timestream_full_access: Read complete after 8s [id=arn:aws:iam::aws:policy/AmazonTimestreamFullAccess]
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated
with the following symbols:
+ create
<= read (data resources)
Terraform will perform the following actions:
# data.aws_iam_policy_document.role_policy will be read during apply
# (config refers to values not yet known)
<= data "aws_iam_policy_document" "role_policy" {
+ id = (known after apply)
+ json = (known after apply)
+ statement {
+ actions = [
+ "kms:Decrypt",
+ "kms:GenerateDataKey",
]
+ effect = "Allow"
+ resources = [
+ (known after apply),
]
+ sid = "KMSAccess"
}
+ statement {
+ actions = [
+ "sns:Publish",
]
+ effect = "Allow"
+ resources = [
+ (known after apply),
]
+ sid = "SnsPublish"
}
+ statement {
+ actions = [
+ "s3:GetBucketAcl",
+ "s3:PutObject",
]
+ effect = "Allow"
+ resources = [
+ (known after apply),
+ (known after apply),
]
+ sid = "BucketAccess"
}
}
# data.aws_iam_policy_document.sns_topic_policy will be read during apply
# (config refers to values not yet known)
<= data "aws_iam_policy_document" "sns_topic_policy" {
+ id = (known after apply)
+ json = (known after apply)
+ policy_id = "__default_policy_ID"
+ statement {
+ actions = [
+ "SNS:AddPermission",
+ "SNS:DeleteTopic",
+ "SNS:GetTopicAttributes",
+ "SNS:ListSubscriptionsByTopic",
+ "SNS:Publish",
+ "SNS:Receive",
+ "SNS:RemovePermission",
+ "SNS:SetTopicAttributes",
+ "SNS:Subscribe",
]
+ effect = "Allow"
+ resources = [
+ (known after apply),
]
+ sid = "__default_statement_ID"
+ condition {
+ test = "StringEquals"
+ values = [
+ "1234567890",
]
+ variable = "AWS:SourceOwner"
}
+ principals {
+ identifiers = [
+ "*",
]
+ type = "AWS"
}
}
}
# aws_iam_role.this will be created
+ resource "aws_iam_role" "this" {
+ arn = (known after apply)
+ assume_role_policy = jsonencode(
{
+ Statement = [
+ {
+ Action = "sts:AssumeRole"
+ Effect = "Allow"
+ Principal = {
+ Service = "timestream.amazonaws.com"
}
},
]
+ Version = "2012-10-17"
}
)
+ create_date = (known after apply)
+ force_detach_policies = false
+ id = (known after apply)
+ managed_policy_arns = (known after apply)
+ max_session_duration = 3600
+ name = "TimestreamScheduledQueriesDebugRole"
+ name_prefix = (known after apply)
+ path = "/"
+ tags_all = (known after apply)
+ unique_id = (known after apply)
}
# aws_iam_role_policy.name will be created
+ resource "aws_iam_role_policy" "name" {
+ id = (known after apply)
+ name = "TimestreamRolePolicy"
+ policy = (known after apply)
+ role = "TimestreamScheduledQueriesDebugRole"
}
# aws_iam_role_policy_attachment.managed_timestream_full_access will be created
+ resource "aws_iam_role_policy_attachment" "managed_timestream_full_access" {
+ id = (known after apply)
+ policy_arn = "arn:aws:iam::aws:policy/AmazonTimestreamFullAccess"
+ role = "TimestreamScheduledQueriesDebugRole"
}
# aws_kms_key.this will be created
+ resource "aws_kms_key" "this" {
+ arn = (known after apply)
+ bypass_policy_lockout_safety_check = false
+ customer_master_key_spec = "SYMMETRIC_DEFAULT"
+ deletion_window_in_days = 7
+ description = "KMS key module test time stream"
+ enable_key_rotation = false
+ id = (known after apply)
+ is_enabled = true
+ key_id = (known after apply)
+ key_usage = "ENCRYPT_DECRYPT"
+ multi_region = (known after apply)
+ policy = (known after apply)
+ tags_all = (known after apply)
}
# aws_s3_bucket.this will be created
+ resource "aws_s3_bucket" "this" {
+ acceleration_status = (known after apply)
+ acl = (known after apply)
+ arn = (known after apply)
+ bucket = (known after apply)
+ bucket_domain_name = (known after apply)
+ bucket_prefix = (known after apply)
+ bucket_regional_domain_name = (known after apply)
+ force_destroy = true
+ hosted_zone_id = (known after apply)
+ id = (known after apply)
+ object_lock_enabled = (known after apply)
+ policy = (known after apply)
+ region = (known after apply)
+ request_payer = (known after apply)
+ tags_all = (known after apply)
+ website_domain = (known after apply)
+ website_endpoint = (known after apply)
}
# aws_sns_topic.this will be created
+ resource "aws_sns_topic" "this" {
+ arn = (known after apply)
+ content_based_deduplication = false
+ fifo_topic = true
+ id = (known after apply)
+ kms_master_key_id = (known after apply)
+ name = "timestream-scheduled-queries-debug-errors.fifo"
+ name_prefix = (known after apply)
+ owner = (known after apply)
+ policy = (known after apply)
+ signature_version = (known after apply)
+ tags_all = (known after apply)
+ tracing_config = (known after apply)
}
# aws_sns_topic_policy.this will be created
+ resource "aws_sns_topic_policy" "this" {
+ arn = (known after apply)
+ id = (known after apply)
+ owner = (known after apply)
+ policy = (known after apply)
}
# aws_timestreamwrite_database.this will be created
+ resource "aws_timestreamwrite_database" "this" {
+ arn = (known after apply)
+ database_name = "timestream-scheduled-queries-debug-db"
+ id = (known after apply)
+ kms_key_id = (known after apply)
+ table_count = (known after apply)
+ tags_all = (known after apply)
}
# aws_timestreamwrite_table.source will be created
+ resource "aws_timestreamwrite_table" "source" {
+ arn = (known after apply)
+ database_name = "timestream-scheduled-queries-debug-db"
+ id = (known after apply)
+ table_name = "source"
+ tags_all = (known after apply)
}
# aws_timestreamwrite_table.target will be created
+ resource "aws_timestreamwrite_table" "target" {
+ arn = (known after apply)
+ database_name = "timestream-scheduled-queries-debug-db"
+ id = (known after apply)
+ table_name = "target"
+ tags_all = (known after apply)
}
# awscc_timestream_scheduled_query.this will be created
+ resource "awscc_timestream_scheduled_query" "this" {
+ arn = (known after apply)
+ client_token = (known after apply)
+ error_report_configuration = {
+ s3_configuration = {
+ bucket_name = (known after apply)
+ encryption_option = (known after apply)
+ object_key_prefix = (known after apply)
}
}
+ id = (known after apply)
+ kms_key_id = (known after apply)
+ notification_configuration = {
+ sns_configuration = {
+ topic_arn = (known after apply)
}
}
+ query_string = "SELECT organization, workspace, date_trunc('day', time) as time_day, 'clicks' as measure_name, sum(measure_value::bigint)as total_clicks FROM \"timestream-scheduled-queries-debug-db\".\"source\" group by organization, workspace, date_trunc('day', time) order by organization"
+ schedule_configuration = {
+ schedule_expression = "rate(1 hour)"
}
+ scheduled_query_execution_role_arn = (known after apply)
+ scheduled_query_name = "time-stream-scheduled-queries-debug-query"
+ sq_error_report_configuration = (known after apply)
+ sq_kms_key_id = (known after apply)
+ sq_name = (known after apply)
+ sq_notification_configuration = (known after apply)
+ sq_query_string = (known after apply)
+ sq_schedule_configuration = (known after apply)
+ sq_scheduled_query_execution_role_arn = (known after apply)
+ sq_target_configuration = (known after apply)
+ tags = (known after apply)
+ target_configuration = {
+ timestream_configuration = {
+ database_name = "timestream-scheduled-queries-debug-db"
+ dimension_mappings = [
+ {
+ dimension_value_type = "VARCHAR"
+ name = "organization"
},
+ {
+ dimension_value_type = "VARCHAR"
+ name = "workspace"
},
]
+ measure_name_column = "measure_name"
+ mixed_measure_mappings = (known after apply)
+ multi_measure_mappings = {
+ multi_measure_attribute_mappings = [
+ {
+ measure_value_type = "BIGINT"
+ source_column = "total_clicks"
+ target_multi_measure_attribute_name = (known after apply)
},
]
+ target_multi_measure_name = (known after apply)
}
+ table_name = "target"
+ time_column = "time_day"
}
}
}
# null_resource.data_injection will be created
+ resource "null_resource" "data_injection" {
+ id = (known after apply)
+ triggers = {
+ "source" = "source"
}
}
# random_string.uid will be created
+ resource "random_string" "uid" {
+ id = (known after apply)
+ length = 12
+ lower = true
+ min_lower = 0
+ min_numeric = 0
+ min_special = 0
+ min_upper = 0
+ number = true
+ numeric = true
+ result = (known after apply)
+ special = false
+ upper = false
}
Plan: 13 to add, 0 to change, 0 to destroy.
random_string.uid: Creating...
random_string.uid: Creation complete after 0s [id=i7c7a9186jpm]
aws_kms_key.this: Creating...
aws_iam_role.this: Creating...
aws_s3_bucket.this: Creating...
aws_kms_key.this: Creation complete after 0s [id=8d095dcd-3d8f-4034-85f6-4e8e9edc1d77]
aws_timestreamwrite_database.this: Creating...
aws_sns_topic.this: Creating...
aws_iam_role.this: Creation complete after 1s [id=TimestreamScheduledQueriesDebugRole]
aws_sns_topic.this: Creation complete after 1s [id=arn:aws:sns:eu-west-1:1234567890:timestream-scheduled-queries-debug-errors.fifo]
aws_iam_role_policy_attachment.managed_timestream_full_access: Creating...
data.aws_iam_policy_document.sns_topic_policy: Reading...
data.aws_iam_policy_document.sns_topic_policy: Read complete after 0s [id=3331851691]
aws_sns_topic_policy.this: Creating...
aws_sns_topic_policy.this: Creation complete after 0s [id=arn:aws:sns:eu-west-1:1234567890:timestream-scheduled-queries-debug-errors.fifo]
aws_timestreamwrite_database.this: Creation complete after 1s [id=timestream-scheduled-queries-debug-db]
aws_timestreamwrite_table.target: Creating...
aws_timestreamwrite_table.source: Creating...
aws_iam_role_policy_attachment.managed_timestream_full_access: Creation complete after 0s [id=TimestreamScheduledQueriesDebugRole-20230907083806223300000001]
aws_timestreamwrite_table.target: Creation complete after 1s [id=target:timestream-scheduled-queries-debug-db]
aws_s3_bucket.this: Creation complete after 2s [id=timestream-scheduled-queries-debug-i7c7a9186jpm]
data.aws_iam_policy_document.role_policy: Reading...
data.aws_iam_policy_document.role_policy: Read complete after 0s [id=1835675082]
aws_iam_role_policy.name: Creating...
aws_timestreamwrite_table.source: Creation complete after 1s [id=source:timestream-scheduled-queries-debug-db]
null_resource.data_injection: Creating...
null_resource.data_injection: Provisioning with 'local-exec'...
null_resource.data_injection (local-exec): Executing: ["/bin/sh" "-c" " aws timestream-write write-records --database-name timestream-scheduled-queries-debug-db --table-name source --records '[{\"Dimensions\": [{\"Name\": \"organization\", \"Value\": \"organization0\", \"DimensionValueType\": \"VARCHAR\"},{\"Name\": \"workspace\", \"Value\": \"workspace0\", \"DimensionValueType\": \"VARCHAR\"}], \"MeasureName\": \"click\", \"MeasureValue\": \"1\", \"MeasureValueType\": \"BIGINT\", \"Time\": \"'\"`date +%s`\"'\", \"TimeUnit\": \"SECONDS\"}]'\n"]
aws_iam_role_policy.name: Creation complete after 0s [id=TimestreamScheduledQueriesDebugRole:TimestreamRolePolicy]
null_resource.data_injection (local-exec): {
null_resource.data_injection (local-exec): "RecordsIngested": {
null_resource.data_injection (local-exec): "Total": 1,
null_resource.data_injection (local-exec): "MemoryStore": 1,
null_resource.data_injection (local-exec): "MagneticStore": 0
null_resource.data_injection (local-exec): }
null_resource.data_injection (local-exec): }
null_resource.data_injection: Creation complete after 1s [id=7831279995456042712]
awscc_timestream_scheduled_query.this: Creating...
│ Error: AWS SDK Go Service Operation Incomplete
│ with awscc_timestream_scheduled_query.this,
│ on s3.tf line 182, in resource "awscc_timestream_scheduled_query" "this":
│ 182: resource "awscc_timestream_scheduled_query" "this" {
│ Waiting for Cloud Control API service CreateResource operation
│ completion returned: waiter state transitioned to FAILED.
│ StatusMessage: Timestream is not authorized to do
│ `sts:assumeRole` for given execution role:
│ arn:aws:iam::1234567890:role/TimestreamScheduledQueriesDebugRole
│ (Service: AmazonTimestreamQuery; Status Code: 400; Error Code:
│ ValidationException; Request ID: YVBFMOSCS5EGJLK7VJ67DZ57DE;
│ Proxy: null). ErrorCode: InvalidRequest
[ This require a 2nd apply ]
Raw
awscc_timestream_scheduled_query 2nd apply
random_string.uid: Refreshing state... [id=eqp8tpkv2wai]
data.aws_caller_identity.current: Reading...
data.aws_iam_policy_document.assume_role_policy: Reading...
data.aws_iam_policy.managed_timestream_full_access: Reading...
aws_kms_key.this: Refreshing state... [id=8fda971a-ab20-408f-aaff-62cebceb1a3a]
data.aws_iam_policy_document.assume_role_policy: Read complete after 0s [id=341341799]
aws_s3_bucket.this: Refreshing state... [id=timestream-scheduled-queries-debug-eqp8tpkv2wai]
aws_iam_role.this: Refreshing state... [id=TimestreamScheduledQueriesDebugRole]
aws_timestreamwrite_database.this: Refreshing state... [id=timestream-scheduled-queries-debug-db]
aws_sns_topic.this: Refreshing state... [id=arn:aws:sns:eu-west-1:1234567890:timestream-scheduled-queries-debug-errors.fifo]
data.aws_caller_identity.current: Read complete after 0s [id=1234567890]
data.aws_iam_policy_document.sns_topic_policy: Reading...
data.aws_iam_policy_document.sns_topic_policy: Read complete after 0s [id=3331851691]
aws_sns_topic_policy.this: Refreshing state... [id=arn:aws:sns:eu-west-1:1234567890:timestream-scheduled-queries-debug-errors.fifo]
aws_timestreamwrite_table.target: Refreshing state... [id=target:timestream-scheduled-queries-debug-db]
aws_timestreamwrite_table.source: Refreshing state... [id=source:timestream-scheduled-queries-debug-db]
null_resource.data_injection: Refreshing state... [id=1795050389301678762]
data.aws_iam_policy_document.role_policy: Reading...
data.aws_iam_policy_document.role_policy: Read complete after 0s [id=2080865726]
aws_iam_role_policy.name: Refreshing state... [id=TimestreamScheduledQueriesDebugRole:TimestreamRolePolicy]
awscc_timestream_scheduled_query.this: Refreshing state... [id=arn:aws:timestream:eu-west-1:1234567890:scheduled-query/time-stream-scheduled-queries-debug-query-9a6f71df24c826b6]
data.aws_iam_policy.managed_timestream_full_access: Read complete after 7s [id=arn:aws:iam::aws:policy/AmazonTimestreamFullAccess]
aws_iam_role_policy_attachment.managed_timestream_full_access: Refreshing state... [id=TimestreamScheduledQueriesDebugRole-20230907082857153200000001]
Terraform used the selected providers to
generate the following execution plan.
Resource actions are indicated with the
following symbols:
-/+ destroy and then create replacement
Terraform will perform the following actions:
# awscc_timestream_scheduled_query.this must be replaced
-/+ resource "awscc_timestream_scheduled_query" "this" {
~ arn = "arn:aws:timestream:eu-west-1:1234567890:scheduled-query/time-stream-scheduled-queries-debug-query-9a6f71df24c826b6" -> (known after apply)
+ client_token = (known after apply) # forces replacement
+ error_report_configuration = { # forces replacement
+ s3_configuration = {
+ bucket_name = "timestream-scheduled-queries-debug-eqp8tpkv2wai"
+ encryption_option = (known after apply)
+ object_key_prefix = (known after apply)
}
}
~ id = "arn:aws:timestream:eu-west-1:1234567890:scheduled-query/time-stream-scheduled-queries-debug-query-9a6f71df24c826b6" -> (known after apply)
+ kms_key_id = "arn:aws:kms:eu-west-1:1234567890:key/8fda971a-ab20-408f-aaff-62cebceb1a3a" # forces replacement
+ notification_configuration = { # forces replacement
+ sns_configuration = {
+ topic_arn = "arn:aws:sns:eu-west-1:1234567890:timestream-scheduled-queries-debug-errors.fifo"
}
}
+ query_string = "SELECT organization, workspace, date_trunc('day', time) as time_day, 'clicks' as measure_name, sum(measure_value::bigint)as total_clicks FROM \"timestream-scheduled-queries-debug-db\".\"source\" group by organization, workspace, date_trunc('day', time) order by organization" # forces replacement
+ schedule_configuration = { # forces replacement
+ schedule_expression = "rate(1 hour)"
}
+ scheduled_query_execution_role_arn = "arn:aws:iam::1234567890:role/TimestreamScheduledQueriesDebugRole" # forces replacement
+ scheduled_query_name = "time-stream-scheduled-queries-debug-query" # forces replacement
~ sq_error_report_configuration = "{S3Configuration: {BucketName: timestream-scheduled-queries-debug-eqp8tpkv2wai,EncryptionOption: SSE_S3}}" -> (known after apply)
~ sq_kms_key_id = "arn:aws:kms:eu-west-1:1234567890:key/8fda971a-ab20-408f-aaff-62cebceb1a3a" -> (known after apply)
~ sq_name = "time-stream-scheduled-queries-debug-query" -> (known after apply)
~ sq_notification_configuration = "{SnsConfiguration: {TopicArn: arn:aws:sns:eu-west-1:1234567890:timestream-scheduled-queries-debug-errors.fifo}}" -> (known after apply)
~ sq_query_string = "SELECT organization, workspace, date_trunc('day', time) as time_day, 'clicks' as measure_name, sum(measure_value::bigint)as total_clicks FROM \"timestream-scheduled-queries-debug-db\".\"source\" group by organization, workspace, date_trunc('day', time) order by organization" -> (known after apply)
~ sq_schedule_configuration = "{ScheduleExpression: rate(1 hour)}" -> (known after apply)
~ sq_scheduled_query_execution_role_arn = "arn:aws:iam::1234567890:role/TimestreamScheduledQueriesDebugRole" -> (known after apply)
~ sq_target_configuration = "{TimestreamConfiguration: {DatabaseName: timestream-scheduled-queries-debug-db,TableName: target,TimeColumn: time_day,DimensionMappings: [{Name: organization,DimensionValueType: VARCHAR}, {Name: workspace,DimensionValueType: VARCHAR}],MultiMeasureMappings: {MultiMeasureAttributeMappings: [{SourceColumn: total_clicks,MeasureValueType: BIGINT}]},MeasureNameColumn: measure_name}}" -> (known after apply)
+ tags = (known after apply)
+ target_configuration = { # forces replacement
+ timestream_configuration = {
+ database_name = "timestream-scheduled-queries-debug-db"
+ dimension_mappings = [
+ {
+ dimension_value_type = "VARCHAR"
+ name = "organization"
},
+ {
+ dimension_value_type = "VARCHAR"
+ name = "workspace"
},
]
+ measure_name_column = "measure_name"
+ mixed_measure_mappings = (known after apply)
+ multi_measure_mappings = {
+ multi_measure_attribute_mappings = [
+ {
+ measure_value_type = "BIGINT"
+ source_column = "total_clicks"
+ target_multi_measure_attribute_name = (known after apply)
},
]
+ target_multi_measure_name = (known after apply)
}
+ table_name = "target"
+ time_column = "time_day"
}
}
}
Plan: 1 to add, 0 to change, 1 to destroy.
Raw
main.tf
terraform {
required_version = ">= 1.5.0"
required_providers {
aws = {
source = "hashicorp/aws"
version = ">= 5.0.0"
}
awscc = {
source = "hashicorp/awscc"
version = ">= 0.53.0"
}
}
}
data "aws_caller_identity" "current" {}
################# KMS #################
resource "aws_kms_key" "this" {
description = "KMS key module test time stream"
deletion_window_in_days = 7
}
################# S3 #################
resource "random_string" "uid" {
length = 12
special = false
upper = false
}
resource "aws_s3_bucket" "this" {
bucket = "timestream-scheduled-queries-debug-${random_string.uid.result}"
force_destroy = true
}
################# SNS #################
resource "aws_sns_topic" "this" {
name = "timestream-scheduled-queries-debug-errors.fifo"
kms_master_key_id = aws_kms_key.this.arn
fifo_topic = true
content_based_deduplication = false
}
resource "aws_sns_topic_policy" "this" {
arn = aws_sns_topic.this.arn
policy = data.aws_iam_policy_document.sns_topic_policy.json
}
data "aws_iam_policy_document" "sns_topic_policy" {
policy_id = "__default_policy_ID"
statement {
actions = [
"SNS:Subscribe",
"SNS:SetTopicAttributes",
"SNS:RemovePermission",
"SNS:Receive",
"SNS:Publish",
"SNS:ListSubscriptionsByTopic",
"SNS:GetTopicAttributes",
"SNS:DeleteTopic",
"SNS:AddPermission",
]
condition {
test = "StringEquals"
variable = "AWS:SourceOwner"
values = [
data.aws_caller_identity.current.account_id,
]
}
effect = "Allow"
principals {
type = "AWS"
identifiers = ["*"]
}
resources = [
aws_sns_topic.this.arn,
]
sid = "__default_statement_ID"
}
}
#################### IAM ####################
data "aws_iam_policy_document" "assume_role_policy" {
statement {
actions = [
"sts:AssumeRole"
]
principals {
type = "Service"
identifiers = ["timestream.amazonaws.com"]
}
effect = "Allow"
}
}
resource "aws_iam_role" "this" {
assume_role_policy = data.aws_iam_policy_document.assume_role_policy.json
name = "TimestreamScheduledQueriesDebugRole"
}
data "aws_iam_policy" "managed_timestream_full_access" {
name = "AmazonTimestreamFullAccess"
}
resource "aws_iam_role_policy_attachment" "managed_timestream_full_access" {
policy_arn = data.aws_iam_policy.managed_timestream_full_access.arn
role = aws_iam_role.this.name
}
resource "aws_iam_role_policy" "name" {
name = "TimestreamRolePolicy"
policy = data.aws_iam_policy_document.role_policy.json
role = aws_iam_role.this.name
}
data "aws_iam_policy_document" "role_policy" {
statement {
sid = "KMSAccess"
effect = "Allow"
resources = [aws_kms_key.this.arn]
actions = ["kms:Decrypt", "kms:GenerateDataKey"]
}
statement {
sid = "SnsPublish"
effect = "Allow"
resources = [aws_sns_topic.this.arn]
actions = ["sns:Publish"]
}
statement {
sid = "BucketAccess"
effect = "Allow"
resources = [
"arn:aws:s3:::${aws_s3_bucket.this.bucket}",
"arn:aws:s3:::${aws_s3_bucket.this.bucket}/*",
]
actions = [
"s3:PutObject",
"s3:GetBucketAcl",
]
}
}
################# Timestream #################
resource "aws_timestreamwrite_database" "this" {
database_name = "timestream-scheduled-queries-debug-db"
kms_key_id = aws_kms_key.this.arn
}
resource "aws_timestreamwrite_table" "source" {
database_name = aws_timestreamwrite_database.this.database_name
table_name = "source"
}
resource "aws_timestreamwrite_table" "target" {
database_name = aws_timestreamwrite_database.this.database_name
table_name = "target"
}
resource "null_resource" "data_injection" {
triggers = {
source = aws_timestreamwrite_table.source.table_name
}
provisioner "local-exec" {
command = <<EOF
aws timestream-write write-records --database-name ${aws_timestreamwrite_database.this.database_name} --table-name ${aws_timestreamwrite_table.source.table_name} --records '[{"Dimensions": [{"Name": "organization", "Value": "organization0", "DimensionValueType": "VARCHAR"},{"Name": "workspace", "Value": "workspace0", "DimensionValueType": "VARCHAR"}], "MeasureName": "click", "MeasureValue": "1", "MeasureValueType": "BIGINT", "Time": "'"`date +%s`"'", "TimeUnit": "SECONDS"}]'
EOF
}
depends_on = [ aws_timestreamwrite_table.source ]
}
resource "awscc_timestream_scheduled_query" "this" {
scheduled_query_name = "time-stream-scheduled-queries-debug-query"
kms_key_id = aws_kms_key.this.arn
error_report_configuration = {
s3_configuration = {
bucket_name = aws_s3_bucket.this.bucket
}
}
notification_configuration = {
sns_configuration = {
topic_arn = aws_sns_topic.this.arn
}
}
query_string = "SELECT organization, workspace, date_trunc('day', time) as time_day, 'clicks' as measure_name, sum(measure_value::bigint)as total_clicks FROM \"timestream-scheduled-queries-debug-db\".\"source\" group by organization, workspace, date_trunc('day', time) order by organization"
schedule_configuration = {
schedule_expression = "rate(1 hour)"
}
target_configuration = {
timestream_configuration = {
database_name = aws_timestreamwrite_database.this.database_name
# List custom dimensions of the source table used in the query
dimension_mappings = [
{
name = "organization"
dimension_value_type = "VARCHAR"
},
{
name = "workspace"
dimension_value_type = "VARCHAR"
}
]
# Destination table
table_name = aws_timestreamwrite_table.target.table_name
time_column = "time_day"
measure_name_column = "measure_name"
multi_measure_mappings = {
multi_measure_attribute_mappings = [
{
source_column = "total_clicks"
measure_value_type = "BIGINT"
}
]
}
}
}
scheduled_query_execution_role_arn = aws_iam_role.this.arn
depends_on = [ null_resource.data_injection ]
}
Raw
state_after_import.json
{
"mode": "managed",
"type": "awscc_timestream_scheduled_query",
"name": "this",
"provider": "provider[\"registry.terraform.io/hashicorp/awscc\"]",
"instances": [
{
"schema_version": 1,
"attributes": {
"arn": "arn:aws:timestream:eu-west-1:1234567890:scheduled-query/time-stream-scheduled-queries-debug-query-e0a61331a0b49d25",
"client_token": null,
"error_report_configuration": null,
"id": "arn:aws:timestream:eu-west-1:1234567890:scheduled-query/time-stream-scheduled-queries-debug-query-e0a61331a0b49d25",
"kms_key_id": null,
"notification_configuration": null,
"query_string": null,
"schedule_configuration": null,
"scheduled_query_execution_role_arn": null,
"scheduled_query_name": null,
"sq_error_report_configuration": "{S3Configuration: {BucketName: timestream-scheduled-queries-debug-s9awodeds7tp,EncryptionOption: SSE_S3}}",
"sq_kms_key_id": "arn:aws:kms:eu-west-1:1234567890:key/8d90cc28-4341-472a-80e0-52934b3a1191",
"sq_name": "time-stream-scheduled-queries-debug-query",
"sq_notification_configuration": "{SnsConfiguration: {TopicArn: arn:aws:sns:eu-west-1:1234567890:timestream-scheduled-queries-debug-errors.fifo}}",
"sq_query_string": "SELECT organization, workspace, date_trunc('day', time) as time_day, 'clicks' as measure_name, sum(measure_value::bigint)as total_clicks FROM \"timestream-scheduled-queries-debug-db\".\"source\" group by organization, workspace, date_trunc('day', time) order by organization",
"sq_schedule_configuration": "{ScheduleExpression: rate(1 hour)}",
"sq_scheduled_query_execution_role_arn": "arn:aws:iam::1234567890:role/TimestreamScheduledQueriesDebugRole",
"sq_target_configuration": "{TimestreamConfiguration: {DatabaseName: timestream-scheduled-queries-debug-db,TableName: target,TimeColumn: time_day,DimensionMappings: [{Name: organization,DimensionValueType: VARCHAR}, {Name: workspace,DimensionValueType: VARCHAR}],MultiMeasureMappings: {MultiMeasureAttributeMappings: [{SourceColumn: total_clicks,MeasureValueType: BIGINT}]},MeasureNameColumn: measure_name}}",
"tags": null,
"target_configuration": null
},
"sensitive_attributes": []
}
]
},
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment