Skip to main content

Dynamodb Setup Guide

Prerequisites

To connect DynamoDB to Matia, you need the following:

  • Create IAM Policy.
  • Create IAM Role and attach policy to it.
  • Enable streams for Amazon DynamoDB tables

Setup Guide

1. Create IAM Policy

  • Go to the AWS Management Console.
  • Open the IAM console.
  • In the navigation pane, choose Policies.
  • Choose Create policy.
  • Choose the JSON tab.
  • Enter the following policy:
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "dynamodb:DescribeStream",
                "dynamodb:DescribeTable",
                "dynamodb:GetRecords",
                "dynamodb:GetShardIterator",
                "dynamodb:ListTables",
                "dynamodb:Scan"
            ],
            "Resource": "*"
        }
    ]
}

IMPORTANT: If you use a customer-managed KMS key, add the following actions to the Action section of the IAM policy to provide read access to the encrypted tables:

"kms:Decrypt"
 "kms:Encrypt"
 "kms:GenerateDataKey"
 "kms:ReEncryptTo"
 "kms:GenerateDataKeyWithoutPlaintext"
 "kms:DescribeKey"
 "kms:ReEncryptFrom"
  • Choose Review policy.
  • Specify the Name of your policy. For example, Matia-DynamoDB-Access.
  • (Optional) Enter a Description for the policy.
  • Choose Create policy.

2. Create IAM Role

  • Go to the AWS Management Console.
  • Open the IAM console.
  • In the navigation pane, choose Roles.
  • Choose Create role.
  • Choose Another AWS account.
  • Enter the following account ID: 035563399062.
  • Select the Require external ID check box.
  • Enter the External ID provided by the connector.
  • Click Next: Permissions.
  • In the Filter policies search box, type the name of the policy you created in the previous step and select it. For example, Matia-DynamoDB-Access.
  • Click Next: Tags.
  • Click Next: Review.
  • Enter a Name for the role. For example, Matia-DynamoDB-Role.
  • (Optional) Enter a Description for the role.
  • Click Create role.

3. Enable streams for Amazon DynamoDB tables

  1. On AWS, go to DynamoDB service, and then select Tables.
  2. Select a table.
  3. Go to Export and streams tab.
  4. In the DynamoDB stream details section, click Turn on.
  5. Select New and old images - both the new and the old images of the item.
  6. Repeat steps 1 through 5 for every table that you want to sync.

ON THIS PAGE

Need Help?

Get help and support on all things Matia.

Contact Us
More Resources