6

Actually I want to implement validations on AWS DynamoDB table items, which should prevent records to insert/update if rules break for an item fields.

Is it possible?

Or Can we create a trigger lambda for dynamoDB table, that trigger before insert/update. So that we can check for validation rule and handle this.

Sudhanshu
  • 121
  • 1
  • 2
  • 7

2 Answers2

8

DynamoDB does not support database-side items validation. It only validates that when you add an item it should have attributes for your keys (partition key, sort key, etc.) and they have correct type. Apart from that DynamoDB does not validate anything.

Also since DynamoDB is schema-less and does not impose restrictions on your attributes it does not check what attributes your items have (keys is the only exception).

The only option is to validate your items on the server side before you save them into DynamoDB.

UPDATE

Can we create a trigger lambda for dynamoDB table

DynamoDB does not support Lambda triggers that are executed before an item is added to a database. The only trigger that is supported at the moment is for DynamoDB streams, but it is called after an item is stored in a table and it is called asynchronously, meaning that there is a small delay between an item is added and a trigger is executed.

Ivan Mushketyk
  • 8,107
  • 7
  • 50
  • 67
  • Thanks for the response @Ivan. – Sudhanshu Jul 28 '17 at 09:50
  • @Sudhanshu Could you up-vote and approve the answer please? – Ivan Mushketyk Jul 28 '17 at 10:20
  • @Vinicius Since DynamoDB does not support database-side items validation before writing an item it will be written without any validation. Lambda trigger (if configured) will be executed only after an item is written to a table. – Ivan Mushketyk Feb 15 '19 at 20:53
  • @IvanMushketyk Now I know that... I'm just saying that you should explain this in your answer because the OP explicity asked about that. And "doesn't have validation" and "only have after-insert asynchronous triggers" are different things. – Vinicius Feb 19 '19 at 20:32
0

It's better to use API Gateway to validate your model before the lambdas that actually inserts/updates data into dynamoDB is triggered.

I've implemented a sample of that, public available on github: https://github.com/adrianosastre/DynamoDB-CDK-Hands-On

That project is explained in more details on the article: https://dev.to/adrianosastre/aws-serverless-and-the-dynamodb-single-table-design-hands-on-with-cdk-v2-38d0

  • in your article/code you actually use lambda to validate the model not api gateway? If you were to use only APIG<>DDB integration then you'd be left only with validation you added [here](https://github.com/adrianosastre/DynamoDB-CDK-Hands-On/blob/c5330420abe13a1639baafae68e2d45e847d43da/lib/api-gateway-stack.ts#L56-L57) which is just checking for blanks and that it's in line with the schema ([docs](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-method-request-validation.html)) ? – Andrei-Niculae Petre Oct 17 '22 at 21:08