phstc/retool-ddb-cdk.ts

## retool-ddb-cdk.ts
// See https://docs.retool.com/docs/dynamodb-integration
import { Stack, StackProps } from "aws-cdk-lib";
import * as dynamodb from "aws-cdk-lib/aws-dynamodb";
import * as iam from "aws-cdk-lib/aws-iam";
import { Construct } from "constructs";

export class DataStack extends Stack {
  public readonly table: dynamodb.Table;

  constructor(scope: Construct, id: string, props?: StackProps) {
    super(scope, id, props);

    const table = new dynamodb.Table(this, 'table', {
      partitionKey: { name: 'pk', type: dynamodb.AttributeType.STRING },
      sortKey: { name: 'sk', type: dynamodb.AttributeType.STRING },
    });

    table.addGlobalSecondaryIndex({
      indexName: 'gsi1',
      partitionKey: { name: 'gsipk1', type: dynamodb.AttributeType.STRING },
      sortKey: { name: 'gsisk1', type: dynamodb.AttributeType.STRING },
    })

    this.table = table;

    // https://docs.retool.com/docs/dynamodb-integration
    const retoolUser = new iam.User(this, 'retool-dynmoadb');

    /*
    retoolUser.addToPolicy(new iam.PolicyStatement({
      actions: [
        "dynamodb:DeleteItem",
        "dynamodb:GetItem",
        "dynamodb:BatchGetItem",
        "dynamodb:BatchWriteItem",
        "dynamodb:PutItem",
        "dynamodb:Scan",
        "dynamodb:Query",
        "dynamodb:UpdateItem",
        "dynamodb:GetRecords",
        "dynamodb:GetShardIterator"
      ],
      resources: [
        table.tableArn,
        `${table.tableArn}/index/*`
      ],
    }))
    */

    table.grantReadWriteData(retoolUser)

    retoolUser.addToPolicy(new iam.PolicyStatement({
      actions: [
        "dynamodb:ListTables",
        "dynamodb:ListTagsOfResource",
        "dynamodb:DescribeReservedCapacityOfferings",
        "dynamodb:DescribeTable",
        "dynamodb:DescribeContinuousBackups",
        "dynamodb:DescribeLimits",
        "dynamodb:ListBackups",
        "dynamodb:DescribeStream",
        "dynamodb:DescribeTimeToLive",
        "dynamodb:ListStreams",
        "dynamodb:DescribeGlobalTableSettings",
        "dynamodb:ListGlobalTables",
        "dynamodb:DescribeGlobalTable",
        "dynamodb:DescribeReservedCapacity",
        "dynamodb:DescribeBackup",
      ],
      resources: ['*'],
    }))
  }
}
	// See https://docs.retool.com/docs/dynamodb-integration
	import { Stack, StackProps } from "aws-cdk-lib";
	import * as dynamodb from "aws-cdk-lib/aws-dynamodb";
	import * as iam from "aws-cdk-lib/aws-iam";
	import { Construct } from "constructs";

	export class DataStack extends Stack {
	public readonly table: dynamodb.Table;

	constructor(scope: Construct, id: string, props?: StackProps) {
	super(scope, id, props);

	const table = new dynamodb.Table(this, 'table', {
	partitionKey: { name: 'pk', type: dynamodb.AttributeType.STRING },
	sortKey: { name: 'sk', type: dynamodb.AttributeType.STRING },
	});

	table.addGlobalSecondaryIndex({
	indexName: 'gsi1',
	partitionKey: { name: 'gsipk1', type: dynamodb.AttributeType.STRING },
	sortKey: { name: 'gsisk1', type: dynamodb.AttributeType.STRING },
	})

	this.table = table;

	// https://docs.retool.com/docs/dynamodb-integration
	const retoolUser = new iam.User(this, 'retool-dynmoadb');

	/*
	retoolUser.addToPolicy(new iam.PolicyStatement({
	actions: [
	"dynamodb:DeleteItem",
	"dynamodb:GetItem",
	"dynamodb:BatchGetItem",
	"dynamodb:BatchWriteItem",
	"dynamodb:PutItem",
	"dynamodb:Scan",
	"dynamodb:Query",
	"dynamodb:UpdateItem",
	"dynamodb:GetRecords",
	"dynamodb:GetShardIterator"
	],
	resources: [
	table.tableArn,
	`${table.tableArn}/index/*`
	],
	}))
	*/

	table.grantReadWriteData(retoolUser)

	retoolUser.addToPolicy(new iam.PolicyStatement({
	actions: [
	"dynamodb:ListTables",
	"dynamodb:ListTagsOfResource",
	"dynamodb:DescribeReservedCapacityOfferings",
	"dynamodb:DescribeTable",
	"dynamodb:DescribeContinuousBackups",
	"dynamodb:DescribeLimits",
	"dynamodb:ListBackups",
	"dynamodb:DescribeStream",
	"dynamodb:DescribeTimeToLive",
	"dynamodb:ListStreams",
	"dynamodb:DescribeGlobalTableSettings",
	"dynamodb:ListGlobalTables",
	"dynamodb:DescribeGlobalTable",
	"dynamodb:DescribeReservedCapacity",
	"dynamodb:DescribeBackup",
	],
	resources: ['*'],
	}))
	}
	}