Preparation
Create a User and a Group
The first question I had right after I created a table in DynamoDB was: wait, there was no prompt for creating user and password. How can I connect to it later in the code?
The answer is you have to create a user and password for your DynamoDB in IAM (Identity and Access Management). You can imagine IAM as a central system that manages all the credentials like username, access key, secret key, etc. for each of the services you use in AWS.
- Sign in to AWS console.
- Enter “IAM” in the search box under Find Services, click on it or press ENTER key.
- In the left sidebar: click on Groups under Access management -> click on Create New Group -> give your group a name (you can edit it any time) and click on Next Step -> enter DynamoDB in the search box, then all related policies will be shown in the table below it, check the one/ones that suits your need (if you want to limit a group to be able to only access a specific table, refer to Read More section below), e.g. AmazonDynamoDBFullAccess, and click Next Step -> click on Create Group.
- In the left sidebar: click on Users under Access management -> click on Add user -> give your user a name, check Programmatic access, click on Next: Permissions -> check the group/groups you want to add this user to (this will apply different permission to this user based on your selection), click on Next: Tags -> add some tags (key value pairs)to this user if you want, for example enter description in Key and This user is a test account. under Value, you can add as many tags as you want, after you are done, click on Next: Review -> if everything looks good, click on Create user.
- IMPORTANT: Copy & paste Access key ID and Secret access key in this page or download the .csv file since you won’t be able to see this information again, unless you go through this whole process above and create a new user, and you’ll need them later to connect to DynamoDB.
Install aws-sdk
You have to install aws-sdk dependency in your node project in order to user AWS services. To do so:
npm i aws-sdkInstall dotenv
Never expose your credentials in public repositories! One solution is to install dotenv package:
npm i dotenvThen you can create a .env file (remember to add this file name to .gitignore) to store the credential information as environment variables. If you are deploying your project on platform like Heroku, you can configure environment variables in settings and not necessarily to create this .env file.
Connect to DynamoDB
Finally it comes to the most exciting part. Assuming you have following variables in .env:
DYNAMODB_ACCESS_KEY_ID=IAMADUMMYACCESSKEY
DYNAMODB_SECRET_ACCESS_KEY=iamAdummySecretkeyThen in your index.js (or other file you want to connect to DynamoDB), specify region (you can find your region on the top right corner of the navbar after login), accessKeyId and secretAccessKey:
require("dotenv").config(); // read .env
const AWS = require("aws-sdk");AWS.config.update({
region: "us-west-1",
accessKeyId: process.env.DYNAMODB_ACCESS_KEY_ID,
secretAccessKey: process.env.DYNAMODB_SECRET_ACCESS_KEY,
});const docClient = new AWS.DynamoDB.DocumentClient();
Cool! Now you are able to perform CRUD operations by calling different methods on docClient.
