Support Documents
No data found.

DynamoDB PITR & On-Demand Backup and Restore

Lab Details

  1. This lab walks you through the steps to create Amazon DynamoDB backup and restore using the 2 methods provided (PITR & On-Demand).

  2. You will practice the lab using the following AWS Services.

  • IAM - used to create roles which hold the required permission to work.

  • S3 - used to store .csv files which hold the data that is inserted into DynamoDB tables.

  • DynamoDB - used to create tables, store data and work with backup and restore tasks.

  • Lambda - used to trigger the data insertion from S3 to Dynamodb.

  1. Duration: 1 hour

  2. AWS Region: US East (N. Virginia) us-east-1


What is Amazon DynamoDB?

  • It Is a fully managed proprietary NoSQL database service that supports key-value and document data structures.

  • It provides fast and predictable performance with seamless scalability.

  • It takes care of administration of – operating and scaling a distributed database so that the customer need not worry about hardware / setup / configuration, replication, software patching, or cluster scaling.

  • Offers “encryption” at rest, means best feature in protecting sensitive data.

  • Offers 2 options in backup and restoring of data.

  1. On-Demand Backup

  2. Point-in-Time Recovery

     On-Demand Backup : 

  • This option is used to create full backups of your tables for long-term retention and archival for regulatory compliance needs.

  • Allows the customer to have backup and restore of data anytime.

  • These actions run with zero impact on table performance or availability.

  • Backups are preserved regardless of table deletion.

  • Restore always requests for a new table and copies the data to it.

  • It can be performed using AWS Management Console or with API call.

     Point-in-Time Recovery :

  • It provides automatic backups of tables, by enabling it either through AWS Management Console or AWS CLI or the APIs.

  • Once “enabled”, it provides continuous backups until the option is turned off.

  • When this feature is enabled, the customer has the facility to restore the database to any point in time within EarliestRestoreDataTime and LatestRestorableDateTime.

  • The data in Point-in-Time Recovery is retained for 35 days only, and the customer can restore the data to any point-in-time required i.e., he/she can restore data to the previous 5 seconds back.

  • The retention period cannot be changed i.e., it is fixed.

  • When a full table restore is done, all table settings for the restored table come from the current settings of the source table at the time of the restore.

  • Restore of DynamoDB table can be done across AWS Regions i.e., we can restore the table to any region other than the source region.

  • Billing is done for the data transferred out of the source Region and for restoring to a new table in the destination Region.

  • Time taken for restoration of tables depends on various factors and not on the size of the data.

What is Amazon Lambda

  • AWS Lambda is a Serverless Compute service.

  • It works without any servers and allows us to execute code for any type of application.

  • The developer doesn't have to worry about the AWS resources to launch or the steps needed to manage the resources.

  • The configuration of the tasks are done as code . They are implemented in Lambda and performed on execution.

  • Provisioning and Managing are both taken care of by the Lambda function.

  • The languages AWS Lambda supports are Node.js, Python, C#, Java and Go.

  • It allows us to run code in response to events from other AWS services.

What is IAM Role

  • An IAM role is an AWS IAM identity (that we can create in our AWS account) that has specific permissions. 

  • It is similar to an IAM user, which determines what the identity can and cannot do in AWS. 

  • Instead of attaching a role to a particular user or group, it can be attached to anyone who needs it.

  • The advantage of having a role is that we do not have standard long-term credentials such as a password or access keys associated with it. 

  • When resources assume a particular role, it provides us with temporary security credentials for our role session.

  • We can use roles to access users, applications, or services that don't have access to our AWS resources.

  • We can attach one or more policies with roles, depending on our requirements.

  • For example, we can create a role with S3 full access and attach it to an EC2 instance to access S3 buckets.

What is Simple Storage Service (S3)

  • Amazon S3 is a simple storage service that we can use to store and retrieve any amount of data, at any time, from anywhere on the web. 

  • It gives developers and users access to highly scalable, reliable, fast, inexpensive data storage infrastructure.

  • S3 guarantees 99.9% availability at any point in time.

  • S3 has been designed to store up to 5 TB of data.

  • S3 is global, meaning you can create a bucket in any region and access it from anywhere. Due to this, the name of the bucket should be a unique one.

  • The S3 bucket objects, as well as the bucket, can be deleted at any time by the user.

  • We can limit access to our bucket by granting different permissions for different users.

  • S3 also comes with additional features such as versioning, static website hosting, server access logging and life cycle policy for storing objects, and many others.

Architectural Diagram

Case Study

  • In this lab we will be creating tables in DynamoDB and get the data into the table inserted using Lambda function.

  • After creation of tables, we will be working on how to restore the database to a specific time and also on taking a backup of the database and restoring it.

Task Details

  1. Launching lab environment.

  2. Create an IAM Role.

  3. Create S3 bucket and upload CSV files.

  4. Create table in DynamoDB

  5. Create a Lambda function

  6. Executing Lambda function.

  7. Performing Point-in-time Recovery

  8. Performing On-Demand Backup.

  9. Performing Restore of On-Demand Backup.

  10. Validation of the lab

  11. Deleting AWS Resources