Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Multiple Applications and DynamoDB, Ideal way to configure?

We are planning to use DynamoDB as noSQL database for different applications running in AWS, and are planning to use AWS Identity and Access Management (IAM) for connection to DynamoDB.

Normally you have one AWS account, and you can create new users per application and you can give them access to their respective tables in DynamoDB, to ensure they cannot access/modify other applications data.

My question is, can application use the same name table in DynamoDB? e.g. LOG, so each application has it's own LOG table in DynamoDB, but the data is not shared? (we can achieve this in SQL based databases by defining the schema for each application and creating user who have required access to it's schema)

Note: We are not planning to use different DynamoDB regions and like to know if it is possible using one region?

like image 864
Ahson Imtiaz Avatar asked Jul 29 '14 15:07

Ahson Imtiaz


People also ask

Should I use multiple DynamoDB tables?

Amazon DynamoDB - single table design. As a general rule, you should maintain as few tables as possible in a DynamoDB application. To better understand why that is (keeping few tables, ideally only one) and why it might be beneficial, let's briefly review the DynamoDB data model.

How can the performance of DynamoDB be improved?

You can increase your DynamoDB throughput by several times, by parallelizing reads/writes over multiple partitions. Use DynamoDB as an attribute store rather than as a document store. This will not only reduce the read/write costs but also improve the performance of your operations considerably.


1 Answers

DynamoDB doesn't provide namespacing-levels such as Database and Schema like common SQL RDBMS, e.g. PostgreSQL, Oracle.

[hostname > ] database > schema > table

With DynamoDB its more like this

[aws-region > aws-account-id > ] table

So you have two choices of separating applications accessing DynamoDB:

1) Simply use table name prefixes to separate tables being application specific an use IAM to make sure 'App A' has only access to the tables it requires access to.

  • Pro:
    • easy to use, only separate what needs to be separated
    • ability to share DynamoDB tables between apps if needed
  • Con:
    • billing, reporting

or

2) Use separate AWS Accounts.

  • Pro:
    • separate billing, usage statistics etc.
  • Con:
    • can be annoying to administrate, e.g. login/logout of AWS Console

Note: In general, you should not hard-code DynamoDB table names in your application. Use some mapping of logical-table names to real-table names. e.g. some variable tableName_LOG = 'AppA_LOG'.

like image 111
muhqu Avatar answered Oct 14 '22 07:10

muhqu