Tutorials: Creating multi-account global tables
This section provides step-by-step instructions for creating DynamoDB global tables that span across multiple AWS accounts.
Follow these steps to create a multi-account global table using the AWS Management Console. The following example creates a global table with replica tables in the United States.
-
Sign in to the AWS Management Console and open the DynamoDB console at https://console.aws.amazon.com/dynamodb/
for the first account (say 111122223333). -
For this example, choose US East (Ohio) from the Region selector in the navigation bar.
-
In the navigation pane on the left side of the console, choose Tables.
-
Choose Create Table.
-
On the Create table page:
-
For Table name, enter
MusicTable. -
For Partition key, enter
Artist. -
For Sort key, enter
SongTitle. -
Keep the other default settings and choose Create table.
-
-
Add the following resource policy to the table
{ "Version": "2012-10-17", "Statement": [ { "Sid": "DynamoDBActionsNeededForSteadyStateReplication", "Effect": "Allow", "Action": [ "dynamodb:ReadDataForReplication", "dynamodb:WriteDataForReplication", "dynamodb:ReplicateSettings" ], "Resource": "arn:aws:dynamodb:us-east-2:111122223333:table/MusicTable", "Principal": {"Service": ["replication.dynamodb.amazonaws.com"]}, "Condition": { "StringEquals": { "aws:SourceAccount": ["444455556666","111122223333"], "aws:SourceArn": [ "arn:aws:dynamodb:us-east-1:444455556666:table/MusicTable", "arn:aws:dynamodb:us-east-2:111122223333:table/MusicTable" ] } } }, { "Sid": "AllowTrustedAccountsToJoinThisGlobalTable", "Effect": "Allow", "Action": [ "dynamodb:AssociateTableReplica" ], "Resource": "arn:aws:dynamodb:us-east-2:111122223333:table/MusicTable", "Principal": {"AWS": ["444455556666"]} } ] } -
This new table serves as the first replica table in a new global table. It is the prototype for other replica tables that you add later.
-
Wait for the table to become Active. For the newly created table, from the Global tables tab, navigate to Settings Replication and click Enable.
-
Logout of this account (
111122223333here). -
Sign in to the AWS Management Console and open the DynamoDB console at https://console.aws.amazon.com/dynamodb/
for the second account (say 444455556666). -
For this example, choose US East (N. Virginia) from the Region selector in the navigation bar.
-
The console ensures that a table with the same name doesn't exist in the selected Region. If a table with the same name does exist, you must delete the existing table before you can create a new replica table in that Region.
-
In the drop down near Create Table, choose Create from another account
-
On the Create table from another account page:
-
Add
arn:aws:dynamodb:us-east-2:as the table arn for the source table.111122223333:table/MusicTable -
In the Replica Table ARNs, add the ARN of the source table again
arn:aws:dynamodb:us-east-2:. If there are multiple replicas already existing as part of a Multi Account Global Table, you must add every existing replica to the ReplicaTableARN.111122223333:table/MusicTable -
Keep the other default settings and choose Submit.
-
-
The Global tables tab for the Music table (and for any other replica tables) shows that the table has been replicated in multiple Regions.
-
To test replication:
-
You can use any of the regions where a replica exists for this table
-
Choose Explore table items.
-
Choose Create item.
-
Enter
item_1for Artist andSong Value 1for SongTitle. -
Choose Create item.
-
Verify replication by switching to the other regions:
-
Verify that the Music table contains the item you created.
-
The following examples show how to create a multi-account global table using the AWS CLI. These examples demonstrate the complete workflow for setting up cross-account replication.
