DynamoDB

DynamoDB now supports cross-account access. But is that a good idea?

AWS, DynamoDB, Security

DynamoDB now supports resource-based policies, which simplified cross-account access to tables.

But just because you can, doesn’t mean you should!

Cross-account access to DynamoDB tables is almost always a smell. But as with everything, there are exceptions and edge cases. You should think carefully before you use resource-based policies to enable cross-account access to your DynamoDB tables.

In this post, let’s explore some legitimate use cases for cross-account access to DynamoDB tables.

How to create private, VPC-only DynamoDB tables

AWS, DynamoDB, Security

You don’t need network security to keep your DynamoDB data safe. However, adding network security on top of IAM authentication and authorization is not a bad thing. Sometimes, it’s even necessary to meet regulatory requirements.

In this post, let’s see how to put DynamoDB in VPC so your data can only be accessed from within a VPC. We will look at what works best for feature teams and what works best for platform teams.

How to Securely let Frontend Apps to Directly Access AWS services

AWS, DynamoDB, S3, Serverless

In this post, let’s discuss a radical idea – if the API layer is not adding any value besides authentication and calling the AWS SDK, then why not just remove it and let the frontend talk to your AWS resources directly? It will be the cheapest way to build a full-stack application, and there are similar precedents in the IoT space already.

It’s not the way that I’d recommend for most of you. But it’s possible to do it safely so that a user can only access his/her data. All you need is a little bit of IAM policy and a Cognito Identity Pool.

How to perform database migration for a live service with no downtime

AWS, DynamoDB, Serverless

Performing a database migration while continuing to serve user requests can be challenging. It’s a question that many students have asked during the Production-Ready Serverless [1] workshop. So here’s my tried-and-tested approach to migrating a live service to a new database without downtime. I’m going to use DynamoDB as an example, but it should work …

How to perform database migration for a live service with no downtime Read More »

How to model one-to-many relationships with AppSync and DynamoDB

AppSync, AWS, DynamoDB, Programming, Serverless

Thank you to Josh for asking this question on the AppSync Masterclass forum. His original question goes like this: Let’s say I want to add a one-to-many relationship from Profile to a new property called “Tag” (a complex object with “name” and “color” properties) so a user can define their own Tags. I would also like a …

How to model one-to-many relationships with AppSync and DynamoDB Read More »

AppSync: how to error on DynamoDB conditional check failures

AppSync, AWS, DynamoDB, GraphQL, Programming

TL;DR To make an AppSync DynamoDB resolver throw exceptions on conditional check errors, we need to check $context.error in the response mapping template ourselves. Like this: #if ( $ctx.error ) #if ( $ctx.error.type.equals(“DynamoDB:ConditionalCheckFailedException”) ) $util.error(“your error message”) #else $util.error($ctx.error.message, $ctx.error.type) #end #end $utils.toJson($context.result) And now, the longer version. The problem AppSync lets us perform DynamoDB …

AppSync: how to error on DynamoDB conditional check failures Read More »

All you need to know about caching for serverless applications

API Gateway, AWS, CloudFront, DynamoDB, Lambda, Programming, Serverless

Last week, someone asked me at the AWS User Group in The Hague “Is caching still relevant for serverless applications?”  The assumption here is that Lambda auto-scales by traffic, so do we still need to worry about caching? And if so, where and how do we implement caching? So let’s break it down. Caching is …

All you need to know about caching for serverless applications Read More »

A simple event-sourcing example with snapshots using Lambda and DynamoDB

AWS, DynamoDB, Lambda, Programming, Serverless

Recently, I have been helping a client implement an event-sourced system. In the process, I put together a very simple demo app to illustrate how one could build such a system using Lambda and DynamoDB. The source code is available on GitHub here. Before you go ahead and read all about the demo app, I …

A simple event-sourcing example with snapshots using Lambda and DynamoDB Read More »

Using CloudWatch and Lambda to implement ad-hoc scheduling

AWS, CloudWatch, Design Patterns, DynamoDB, Lambda, Programming, Serverless

A while back I wrote about using DynamoDB TTL to implement ad-hoc scheduling. It generated some healthy debate and a few of you have mentioned alternatives including using Step Functions. So let’s take a look at some of these alternatives, starting with the simplest – using a cron job. We will assess this approach using the …

Using CloudWatch and Lambda to implement ad-hoc scheduling Read More »

Understanding the scaling behaviour of DynamoDB OnDemand tables

AWS, DynamoDB, Programming

Update 15/03/2019: Thanks to Zac Charles who pointed me to this new page in the DynamoDB docs. It explains how the OnDemand capacity mode works. Turns out you DON’T need to pre-warm a table. You just need to create the table with the desired peak throughput (Provisioned), and then change it to OnDemand. After you change the table to OnDemand …

Understanding the scaling behaviour of DynamoDB OnDemand tables Read More »

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close