AWS DynamoDB

Discovery of DynamoDB Data Resources with Veza

Veza will automatically catalog DynamoDB resources for configured AWS accounts. All discovered DynamoDB tables, secondary indexes, and streams can be viewed in the data catalog, with cross-service effective permissions available in Authorization Graph search. DynamoDB insights are included in select Reports, or can be viewed using the Saved Queries panel.

Notes

To extract authorization metadata for DynamoDB, the IAM policy granting discovery and extraction permissions must include the following statement:

  {
      "Sid": "DynamoDB",
      "Effect": "Allow",
      "Action": [
          "dynamodb:ListTables",
          "dynamodb:DescribeTable",
          "dynamodb:ListStreams",
          "dynamodb:DescribeStream"
      ],
      "Resource": "*"
  }

These permissions are included in the latest recommended policy; if you are upgrading from release 2021.6.x, you will need to update the policy attached to the Insight Point, IAM user, or IAM role used for discovery.
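One way to confirm that an existing discovery policy already grants the statement above before or after an upgrade. This is an added example, not Veza's own code: it parses a policy document and reports which of the four required actions are missing. The function names and the sample policy are constructed for illustration, and the check is a simplification that only counts unconditional Allow statements on Resource "*"; it does not evaluate explicit Deny, NotAction, permission boundaries, or SCPs.

```python
import fnmatch
import json

# The four actions from the statement on this page.
REQUIRED = ("dynamodb:ListTables", "dynamodb:DescribeTable",
            "dynamodb:ListStreams", "dynamodb:DescribeStream")

# Constructed sample (not an actual Veza policy): the stream actions are absent.
SAMPLE_POLICY = """{"Version": "2012-10-17", "Statement": [{
  "Sid": "DynamoDB", "Effect": "Allow",
  "Action": ["dynamodb:ListTables", "dynamodb:DescribeTable"],
  "Resource": "*"}]}"""


def _as_list(value):
    """IAM accepts a single string or a list for Action and Resource."""
    if value is None:
        return []
    return [value] if isinstance(value, str) else list(value)


def missing_dynamodb_actions(policy_json):
    """Return required actions that no unconditional Allow on all resources grants."""
    statements = json.loads(policy_json).get("Statement", [])
    if isinstance(statements, dict):  # a lone statement may be a bare object
        statements = [statements]
    granted = set()
    for stmt in statements:
        # Conditional or non-Allow statements are not counted (simplification).
        if stmt.get("Effect") != "Allow" or "Condition" in stmt:
            continue
        # The page's statement uses Resource "*"; narrower scopes are not counted.
        if "*" not in _as_list(stmt.get("Resource")):
            continue
        for pattern in _as_list(stmt.get("Action")):
            for action in REQUIRED:
                # Action names are case-insensitive; * and ? act as wildcards.
                if fnmatch.fnmatchcase(action.lower(), pattern.lower()):
                    granted.add(action)
    return [a for a in REQUIRED if a not in granted]


if __name__ == "__main__":
    for action in missing_dynamodb_actions(SAMPLE_POLICY):
        print("missing:", action)
```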

Supported Resources / Sub-resources

  • DynamoDB Table

  • DynamoDB Secondary Index

  • DynamoDB Stream
