Details
-
New Feature
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
3.6.0
-
None
-
Unknown
Description
On aws2-ddb endpoint start it constantly checking table status by doing DescribeTable request.
@Override
public void doStart() throws Exception {
super.doStart();
ddbClient = configuration.getAmazonDDBClient() != null ? configuration.getAmazonDDBClient() : createDdbClient();
String tableName = getConfiguration().getTableName();
LOG.trace("Querying whether table [{}] already exists...", tableName);
try {
DescribeTableRequest.Builder request = DescribeTableRequest.builder().tableName(tableName);
TableDescription tableDescription = ddbClient.describeTable(request.build()).table();
if (!isTableActive(tableDescription)) {
waitForTableToBecomeAvailable(tableName);
}
LOG.trace("Table [{}] already exists", tableName);
return;
} catch (ResourceNotFoundException e) {
LOG.trace("Table [{}] doesn't exist yet", tableName);
LOG.trace("Creating table [{}]...", tableName);
TableDescription tableDescription = createTable(tableName);
if (!isTableActive(tableDescription)) {
waitForTableToBecomeAvailable(tableName);
}
LOG.trace("Table [{}] created", tableName);
}
}
Key issues with such approach:
- it requires to grant DescribeTable operation for client which provides sensitive information like KMS master key ARN/ID, billing information etc. (https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_DescribeTable.html)
- after start and checking table status for being ACTIVE there is no guarantee that it's actually true on doing any other DDB operation with started component.
Potential Solution:
- introduce createTable configuration parameter and use DescribeTable only if createTable==true (default false)