sigs.k8s.io/external-dns@v0.14.1/docs/registry/dynamodb.md (about) 1 # The DynamoDB registry 2 3 The DynamoDB registry stores DNS record metadata in an AWS DynamoDB table. 4 5 ## The DynamoDB Table 6 7 By default, the DynamoDB registry stores data in the table named `external-dns`. 8 A different table may be specified using the `--dynamodb-table` flag. 9 A different region may be specified using the `--dynamodb-region` flag. 10 11 The table must have a partition (hash) key named `k` and string type. 12 The table must not have a sort (range) key. 13 14 ## IAM permissions 15 16 The ExternalDNS Role must be granted the following permissions: 17 18 ```json 19 { 20 "Effect": "Allow", 21 "Action": [ 22 "DynamoDB:DescribeTable", 23 "DynamoDB:PartiQLDelete", 24 "DynamoDB:PartiQLInsert", 25 "DynamoDB:PartiQLUpdate", 26 "DynamoDB:Scan" 27 ], 28 "Resource": [ 29 "arn:aws:dynamodb:*:*:table/external-dns" 30 ] 31 } 32 ``` 33 34 The region and account ID may be specified explicitly specified instead of using wildcards. 35 36 ## Caching 37 38 The DynamoDB registry can optionally cache DNS records read from the provider. This can mitigate 39 rate limits imposed by the provider. 40 41 Caching is enabled by specifying a cache duration with the `--txt-cache-interval` flag. 42 43 ## Migration from TXT registry 44 45 If any ownership TXT records exist for the configured owner, the DynamoDB registry will migrate 46 the metadata therein to the DynamoDB table. If any such TXT records exist, any previous values for 47 `--txt-prefix`, `--txt-suffix`, `--txt-wildcard-replacement`, and `--txt-encrypt-aes-key` 48 must be supplied. 49 50 If TXT records are in the set of managed record types specified by `--managed-record-types`, 51 it will then delete the ownership TXT records on a subsequent reconciliation.