Copy dynamoDB table to another aws account without S3
Master System Design with Codemia
Enhance your system design skills with over 120 practice problems, detailed solutions, and hands-on exercises.
In scenarios where you need to copy an Amazon DynamoDB table from one AWS account to another without using Amazon S3 as an intermediary, the process can be more complex but still achievable through AWS services like AWS Lambda and AWS Data Pipeline. This article explores the steps and technical details required for this approach, emphasizing the nuances and considerations involved.
Overview
Copying the data directly between different AWS accounts without S3 involves orchestrating several services. Here’s a general outline of the steps involved:
- Prepare IAM Roles and Policies: Ensure both accounts have the necessary permissions.
- Use DynamoDB Streams: Capture and process the table changes in near real-time.
- Leverage AWS Lambda: Read from the DynamoDB stream and write to the destination table.
- Initial Table Copy: Make an initial scan and write of the items to the new table.
Key Steps
1. Prepare IAM Roles and Policies
Source Account:
- Create an IAM role with permissions to read from the source DynamoDB table and invoke the Lambda function.
- Example IAM policy for the source role:
Destination Account:
- Create an IAM role that allows writing to the DynamoDB table.
- Attach a policy to the Lambda function to allow write actions.
- Example IAM policy for the destination role:
2. Use DynamoDB Streams
- Enable Streams: Enable DynamoDB Streams on the source table to capture item-level changes. Choose between
NEW_AND_OLD_IMAGESor other options based on your need to capture complete data. - Stream ARNs and Shards: Understand how to use stream ARNs and shard iterators needed for efficient data transfer through AWS Lambda.
3. Leverage AWS Lambda
- Create a Lambda Function: Set up a Lambda function in the source account to process stream records and write to the destination account's table.
- Code Example:
4. Initial Table Copy
- Perform an Initial Scan: Execute a one-time scan on the source table to transfer data to the destination table. This handles the pre-existing data before enabling real-time updates.
- Efficient Scanning: Use parallel scan or segmented strategies for handling large tables, ensuring you can manage throughputs effectively.
Considerations
- Data Consistency: Ensure that streamed data applies changes accurately to the destination. Handle errors or retries in Lambda to assure consistency.
- Throughput and Limits: Monitor read/write capacity units on both tables, considering any autoscaling or limit exceeding events.
- Error Handling: Implement robust error handling mechanisms in your Lambda function to log issues and allow retries.
Summary Table
| Key Aspect | Source Account | Destination Account |
| Services Used | IAM, DynamoDB Streams, Lambda | IAM, DynamoDB, Lambda |
| Key Permissions Needed | Read from DynamoDB, invoke Lambda | Write to DynamoDB |
| Initial Data Load | Via Scan Operation | Using PutItem API |
| Real-time Data Handling | DynamoDB Streams -> Lambda | Lambda writes to DynamoDB |
| Error Handling | Lambda Exception Handling | Log and Retry Mechanisms |
By employing this structured approach, you can effectively replicate DynamoDB tables across AWS accounts without relying on S3 as an intermediary. This method is particularly useful when direct, near real-time synchronization is needed, and when keeping your architecture lightweight and integrated with the AWS ecosystem is a priority.

