Amazon DynamoDB Tutorial 0/6 lessons ~6 min read Lesson 5

    Creating and Managing DynamoDB Tables

    Everything in DynamoDB starts with a table.

    Course progress0%
    Focus
    17 guided sections
    Practice signal
    Examples included
    Career prep
    Interview Q&A included

    Introduction

    Everything in DynamoDB starts with a table. Unlike relational databases, you do not create schemas, columns, foreign keys, or relationships up front. You create a table with a primary key, choose the right configuration, and then store items that can have different attributes.

    This flexibility is one reason DynamoDB scales well, but table creation is still an architectural decision. A production table needs the right primary key, capacity mode, encryption, backups, lifecycle settings, and operational guardrails.

    Purpose of this lesson

    By the end of this lesson, you will be able to create DynamoDB tables using the AWS Console, AWS CLI, Java SDK, Python Boto3, and Node.js SDK. You will also understand table configuration options such as primary keys, capacity modes, encryption, PITR, streams, TTL, tags, and table lifecycle states.

    Understanding the topic

    A DynamoDB table is a collection of related items. Each table stores a specific category of application data, such as customers, orders, products, accounts, transactions, restaurants, or users.

    Table Anatomy

    What You Configure When Creating a Table

    production checklist
    DynamoDB Table: Customers
    Primary key plus operational settings
    Primary Key
    CustomerId
    Capacity Mode
    On-Demand or Provisioned
    Encryption
    AWS owned, AWS managed, or customer managed key
    PITR
    Restore to any second in the last 35 days
    Streams
    Capture INSERT, MODIFY, REMOVE events
    TTL
    Automatically expire temporary data
    Tags
    Cost allocation and ownership
    CloudWatch
    Metrics, alarms, and operations
    IAM
    Least-privilege access
    ApplicationExample TableTypical Key
    E-CommerceProductsProductId
    E-CommerceCustomersCustomerId
    E-CommerceOrdersCustomerId + OrderDate
    BankingAccountsAccountId
    Food DeliveryRestaurantsRestaurantId
    Social MediaUsersUserId

    Internal architecture

    A production DynamoDB table is more than a name and primary key. It sits behind application APIs and should include security, recovery, lifecycle, and observability decisions from the beginning.

    Production Architecture

    Application to DynamoDB Table

    Client Application
    Web, mobile, service
    AWS SDK / REST API
    Authenticated requests
    IAM Role
    Least privilege
    DynamoDB Table
    Primary key, capacity, encryption, TTL, streams
    Primary Key
    Capacity Mode
    Encryption
    PITR
    Streams
    TTL
    Multi-AZ Replication
    Durability and availability
    Backup / PITR
    Recovery within 35 days
    CloudWatch
    Metrics and alarms

    Visual explanation

    Every table moves through lifecycle states. Applications should wait until a table reaches ACTIVE before sending reads or writes.

    Table Lifecycle

    From Creation to Deletion

    1
    CREATING

    AWS is provisioning metadata and storage

    2
    ACTIVE

    Ready for application reads and writes

    3
    UPDATING

    Configuration is changing

    4
    DELETING

    Table is being removed

    Step-by-step explanation

    1. Choose a meaningful table name that represents the business entity or access pattern.
    2. Select the primary key based on how the application reads data.
    3. Choose On-Demand or Provisioned Capacity based on traffic predictability.
    4. Enable encryption for production data.
    5. Enable Point-in-Time Recovery for accidental deletion and disaster recovery.
    6. Optionally enable Streams for event-driven processing.
    7. Optionally enable TTL for temporary or expiring data.
    8. Add tags for ownership, cost allocation, and operations.

    Production implementation

    You can create a DynamoDB table through the AWS Console, AWS CLI, or SDKs. In all cases, the key choices are the same: table name, primary key, capacity mode, and production features such as encryption and PITR.

    Create table examples

    AWS CLI: create a Customers table

    PAY_PER_REQUEST enables On-Demand Capacity, which is a good default for new applications.

    bash
    aws dynamodb create-table \
    --table-name Customers \
    --attribute-definitions AttributeName=CustomerId,AttributeType=S \
    --key-schema AttributeName=CustomerId,KeyType=HASH \
    --billing-mode PAY_PER_REQUEST

    Java SDK v2: create table

    java
    DynamoDbClient client = DynamoDbClient.create();
    CreateTableRequest request = CreateTableRequest.builder()
    .tableName("Customers")
    .billingMode(BillingMode.PAY_PER_REQUEST)
    .attributeDefinitions(
    AttributeDefinition.builder()
    .attributeName("CustomerId")
    .attributeType(ScalarAttributeType.S)
    .build())
    .keySchema(
    KeySchemaElement.builder()
    .attributeName("CustomerId")
    .keyType(KeyType.HASH)
    .build())
    .build();
    client.createTable(request);

    Python Boto3: create table

    python
    import boto3
    dynamodb = boto3.client("dynamodb")
    dynamodb.create_table(
    TableName="Customers",
    KeySchema=[
    {
    "AttributeName": "CustomerId",
    "KeyType": "HASH"
    }
    ],
    AttributeDefinitions=[
    {
    "AttributeName": "CustomerId",
    "AttributeType": "S"
    }
    ],
    BillingMode="PAY_PER_REQUEST"
    )

    Node.js SDK v3: create table

    javascript
    import {
    DynamoDBClient,
    CreateTableCommand
    } from "@aws-sdk/client-dynamodb";
    const client = new DynamoDBClient({});
    await client.send(new CreateTableCommand({
    TableName: "Customers",
    BillingMode: "PAY_PER_REQUEST",
    AttributeDefinitions: [
    {
    AttributeName: "CustomerId",
    AttributeType: "S"
    }
    ],
    KeySchema: [
    {
    AttributeName: "CustomerId",
    KeyType: "HASH"
    }
    ]
    }));

    Real-world use

    Suppose you are building a food delivery platform. You might start with Customers, Restaurants, Orders, and Drivers. For each table, start with On-Demand Capacity, enable encryption, enable PITR, define meaningful primary keys, and monitor CloudWatch metrics.

    • Customers: partition key CustomerId.
    • Restaurants: partition key RestaurantId.
    • Orders: composite key such as CustomerId + OrderDate if the main access pattern is order history by customer.
    • Drivers: partition key DriverId, with TTL or location update strategy depending on the design.

    Security implications

    Every production table should be encrypted and protected by least-privilege IAM permissions. DynamoDB supports AWS owned keys, AWS managed KMS keys, and customer managed KMS keys.

    • AWS owned key: easiest default, fully managed by AWS.
    • AWS managed KMS key: AWS managed key in your account.
    • Customer managed KMS key: use when compliance requires key ownership, rotation control, or audit policies.
    • IAM: grant applications only the table actions they need, such as dynamodb:GetItem, dynamodb:PutItem, or dynamodb:Query.

    Failure scenarios

    Point-in-Time Recovery protects against accidental writes and deletes. If someone deletes a million customer records, PITR lets you restore the table to any second within the last 35 days.

    • Restore after accidental deletion or bad deployment.
    • Recover from application bugs that overwrite data.
    • Support operational rollback without manual backup jobs.
    • Recommended for production tables by default.

    Decision framework

    • Choose table names that represent business concepts or access patterns.
    • Choose primary keys based on how the application reads data.
    • Use On-Demand Capacity for new or unpredictable workloads.
    • Use Provisioned Capacity when traffic is stable and you need cost control.
    • Enable PITR for production tables.
    • Enable TTL for data that naturally expires, such as OTPs, sessions, temporary tokens, carts, and reservations.
    • Use Streams when item changes should trigger Lambda functions, audit flows, notifications, or event-driven pipelines.

    Best practices

    • Design tables around access patterns.
    • Prefer single-table design for complex applications when appropriate.
    • Choose high-cardinality partition keys.
    • Enable PITR for production tables.
    • Keep encryption enabled.
    • Use meaningful table names.
    • Enable CloudWatch monitoring and alarms.
    • Use tags for cost allocation and ownership.
    • Avoid unnecessary tables before understanding query patterns.

    Common mistakes

    • Creating many small tables unnecessarily.
    • Choosing poor partition keys.
    • Forgetting to enable PITR.
    • Ignoring IAM permissions.
    • Disabling or overlooking encryption.
    • Using Provisioned Capacity without traffic analysis.
    • Creating tables before understanding application queries.

    Advanced interview questions

    Interview Prep

    Practice concise answers, then expand each card for the explanation.

    5 questions
    1BeginnerQuestionIs it mandatory to define all attributes when creating a DynamoDB table?+

    Answer

    No. Only primary key attributes must be defined when the table is created. Other attributes can be added dynamically when inserting items.
    2BeginnerQuestionWhat is Point-in-Time Recovery (PITR)?+

    Answer

    PITR continuously backs up a DynamoDB table and allows it to be restored to any second within the last 35 days.
    3IntermediateQuestionWhat is the difference between DynamoDB Streams and PITR?+

    Answer

    Streams capture item-level changes such as INSERT, MODIFY, and REMOVE for event-driven processing. PITR provides continuous backups for recovery and disaster protection.
    4IntermediateQuestionWhy should TTL be enabled?+

    Answer

    TTL automatically removes expired items, reducing storage costs and removing the need for custom cleanup jobs for temporary data such as sessions, OTPs, tokens, carts, and reservations.
    5AdvancedQuestionWhat table status must be reached before performing operations?+

    Answer

    The table must be in the ACTIVE state before it can reliably process application read and write requests.

    Hands-on exercise

    Build a DynamoDB table design for an Online Library Management System. The table should support book information and temporary reservations.

    • Choose an appropriate table name.
    • Select the primary key.
    • Decide between On-Demand and Provisioned Capacity.
    • Explain why PITR is important for this application.
    • Describe how TTL could automatically expire book reservations.

    Summary

    In this lesson, you learned how to create and manage DynamoDB tables using the AWS Console, AWS CLI, Java SDK, Python Boto3, and Node.js SDK. You also learned the production meaning of table options such as primary keys, capacity modes, encryption, Point-in-Time Recovery, Streams, TTL, tags, IAM, CloudWatch, and table lifecycle states.

    A well-configured table is the foundation of a secure, scalable, and maintainable DynamoDB application. Table creation should not be treated as a quick setup step; it is where access patterns, security, reliability, recovery, and cost decisions begin.

    Next: Lesson 6 covers working with items: PutItem, GetItem, UpdateItem, DeleteItem, conditional writes, batch operations, error handling, optimistic locking, SDK examples, production best practices, and interview questions.

    Ready to mark this lesson complete?Track your journey across the entire course.