connecting AWS SAM Local with dynamodb in docker
Master System Design with Codemia
Enhance your system design skills with over 120 practice problems, detailed solutions, and hands-on exercises.
Introduction
Running AWS SAM locally against DynamoDB in Docker is a practical way to test Lambda behavior before deployment. When this setup fails, the problem is usually container networking or endpoint configuration rather than DynamoDB itself. A reliable local workflow uses one shared Docker network, an explicit endpoint for local mode, and a repeatable table bootstrap step.
Put Both Containers on the Same Docker Network
Your Lambda containers run inside Docker when you use sam local. That means localhost inside the function container does not refer to the DynamoDB container. The safer setup is to create a named Docker network and attach both services to it.
The container name dynamodb-local now becomes the hostname other containers on that network can resolve.
Start SAM on the Same Network
AWS SAM has a --docker-network option for local commands. Use it when starting the local API or function runtime so the Lambda container joins the same network as DynamoDB.
Without that option, the Lambda container may only join Docker's default bridge network and fail to reach dynamodb-local.
Pass a Local Endpoint into the Function
Your Lambda code should know when it is running locally and override the DynamoDB endpoint only in that case.
That keeps local and deployed behavior separate. In AWS, you normally do not set a custom endpoint for DynamoDB.
Connect from Lambda Code
For local DynamoDB, dummy credentials are fine, but you should still set region and endpoint explicitly.
The important part is that the endpoint hostname matches the Docker container name on the shared network.
Create the Table Before Testing
Local Lambda code can connect successfully and still fail because the table does not exist. Bootstrap the table before running integration tests.
Once the table exists, you can verify the whole request path from API call to stored item.
Keep Local and Cloud Configuration Separate
Do not hardcode local endpoints into shared application logic. Use an explicit environment flag or local configuration source so deployed code keeps using the managed AWS endpoint.
This separation matters because local emulators are a development convenience, not a production dependency. If the same config path is reused everywhere, it becomes too easy to leak local values into a deployed environment.
Common Pitfalls
The biggest pitfall is using localhost:8000 inside Lambda code. From within the Lambda container, that refers to the container itself, not the DynamoDB container.
Another common issue is starting DynamoDB on one Docker network and SAM on another. The containers may both be healthy and still be unable to see each other.
Teams also often skip table creation and then misread a ResourceNotFoundException as a networking problem.
Finally, avoid letting local endpoint overrides remain active in deployed stacks. Keep the local path deliberate and isolated.
Summary
- Put DynamoDB Local and SAM Lambda containers on the same named Docker network.
- Start SAM with
--docker-networkso Lambda can resolve the DynamoDB container name. - Pass a local DynamoDB endpoint only in local mode.
- Bootstrap tables before testing the integration path.
- Keep emulator configuration separate from deployed AWS settings.

