forked from aws-samples/custom-lens-wa-hub
-
Notifications
You must be signed in to change notification settings - Fork 0
/
custom-lensddb-v1.0.json
2516 lines (2516 loc) · 163 KB
/
custom-lensddb-v1.0.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
{
"schemaVersion": "2021-11-01",
"_version":"1.0",
"_release_date":"2022-11-01",
"_release_note":"A public review version, now we have 6 pillars.",
"_teams":{
"_authors":[
{
"name":"Juhi Patil, DynamoDB Specialist SA"
},
{
"name":"Chad Tindel, Pr. NoSQL Specialist SA"
},
{
"name":"Vaibhav Bhardwaj, Sr DynamoDB Specialist SA"
},
{
"name":"Arjan Schaaf, Sr DynamoDB Specialist SA"
},
{
"name":"Lee Hannigan, DynamoDB Specialist SA"
},
{
"name":"Shaun Farrell, Sr DynamoDB Specialist SA"
},
{
"name":"John Terhune, Sr DynamoDB Specialist SA"
},
{
"name":"Ray Wang, Analytics SME, GCR, AWS",
"email":"[email protected]"
},
{
"name":"Cathy Lai, GTM Database Speacialist, GCR, AWS",
"email":"[email protected]"
}
],
"_tech_reviewers":[
{
"name":"Karthik Vijayraghavan, Sr Mgr NoSQL DynamoDB SSA"
},
{
"name":"Leonid Koren, Principal NoSQL SA"
},
{
"name":"Bob Yeh, Well-Architected Geo SA, APAC"
}
]
},
"name": "Dynamodb Best Practice - For WA Custom Lens",
"description": "Best practices for configuring Dynamodb",
"pillars": [
{
"id": "DDBPERF",
"name": "Performance Efficiency",
"questions": [
{
"id": "DDBPERF1",
"title": "How do you model data efficiently?",
"description": "How do you model data efficiently?",
"choices": [
{
"id": "DDBPERF1_1",
"title": "Optimize access patterns for compute , NOT storage.",
"helpfulResource": {
"displayText": "Read as few items as possible when retrieving data in DynamoDB.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/SQLtoNoSQL.ReadData.html"
},
"improvementPlan": {
"displayText": "Having to scan a lot of data could also be a sign that you need an index to facilitate the access pattern.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/SQLtoNoSQL.ReadData.html"
}
},
{
"id": "DDBPERF1_2",
"title": "Use key conditions over filter expressions",
"helpfulResource": {
"displayText": "Using FilterExpressions with Scans is not a good option for frequent access patterns.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Query.html"
},
"improvementPlan": {
"displayText": "The Query API operation with KeyConditionExpression is a better option it can be more targeted.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Query.html"
}
},
{
"id": "DDBPERF1_3",
"title": "Optimize item size (nearest 1KB boundary for writes , nearest 4KB boundary for reads)",
"helpfulResource": {
"displayText": "WCU means one write per second for an item up to 1 KB in size. RCU for one read per second for items up to 4 KB in size for strongly consistent, and two read for eventually consistent.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/bp-partition-key-design.html"
},
"improvementPlan": {
"displayText": "Partitions can be defined as units for horizontal scaling\nEach partition can handle up to 3000 RCUs and 1000 WCUs, and can store 10GB data",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/bp-partition-key-design.html"
}
},
{
"id": "DDBPERF1_4",
"title": "Separate mutable & immutable parts of an item",
"helpfulResource": {
"displayText": "By separating mutable and immutable parts of the Item, you will reduce the cost of updates to that Item.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/bp-general-nosql-design.html#bp-general-nosql-design-approach"
},
"improvementPlan": {
"displayText": "Identify the mutable and immutable attributes for each entity; Consume WCU capacity for updating only the mutable attributes",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/bp-general-nosql-design.html#bp-general-nosql-design-approach"
}
},
{
"id": "DDBPERF1_5",
"title": "Store large blobs of data in S3",
"helpfulResource": {
"displayText": "DynamoDB currently limits 400KB size for each item. If your item size is big think carefully whether you actually need to store it together on the same item or you can split it in multiple items.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/bp-use-s3-too.html"
},
"improvementPlan": {
"displayText": "If you still need to store large item, check whether you can compress those item or if your item size is larger than 400KB, store them as an object in Amazon S3 and then store the object identifier in your DynamoDB item.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/bp-use-s3-too.html"
}
},
{
"id": "DDBPERF1_6",
"title": "Use high cardinality partition keys for table and GSIs to distribute data and access evenly across keys",
"helpfulResource": {
"displayText": "The partition key value is hashed to determine the physical location of the item in the key space.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/bp-partition-key-design.html"
},
"improvementPlan": {
"displayText": "Thus, it is important to have a high cardinality partition key for better chance of even distribution of data",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/bp-partition-key-design.html"
}
}
],
"riskRules": [
{
"condition": "DDBPERF1_1 && DDBPERF1_2 && DDBPERF1_3 && DDBPERF1_4 && DDBPERF1_5 && DDBPERF1_6",
"risk": "NO_RISK"
},
{
"condition": "(!DDBPERF1_1) || (!DDBPERF1_2) || (!DDBPERF1_4) || (!DDBPERF1_5) || (!DDBPERF1_6)",
"risk": "HIGH_RISK"
},
{
"condition": "default",
"risk": "MEDIUM_RISK"
}
]
},
{
"id": "DDBPERF10",
"title": "(DAX) What is the caching strategy used?",
"description": "(DAX) What is the caching strategy used?",
"choices": [
{
"id": "DDBPERF10_1",
"title": "Use the DAX client for read-through/write-through cache",
"helpfulResource": {
"displayText": "Amazon DynamoDB Accelerator (DAX) is a write-through caching service that is designed to simplify the process of adding a cache to DynamoDB tables.",
"url": "https://aws.amazon.com/blogs/database/amazon-dynamodb-accelerator-dax-a-read-throughwrite-through-cache-for-dynamodb/"
},
"improvementPlan": {
"displayText": "Enable DAX with cache strategy supported like Read-Through/Write-Through Cache for DynamoDB",
"url": "https://aws.amazon.com/blogs/database/amazon-dynamodb-accelerator-dax-a-read-throughwrite-through-cache-for-dynamodb/"
}
},
{
"id": "DDBPERF10_2",
"title": "Use a combination of DynamoDB client and DAX client for side-cache/write-around cache strategies",
"helpfulResource": {
"displayText": "Amazon DynamoDB Accelerator (DAX) is a write-through caching service that is designed to simplify the process of adding a cache to DynamoDB tables.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.consistency.html"
},
"improvementPlan": {
"displayText": "If you are building an application that uses DAX, that application should be designed so that it can tolerate eventually consistent data.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.consistency.html"
}
},
{
"id": "DDBPERF10_3",
"title": "Configure suitable DAX TTL settings",
"helpfulResource": {
"displayText": "DAX maintains two caches for data that it reads from DynamoDB:\nItem cach for Get and BatchGet; and Query cache for Query and Scan.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.cluster-management.html#DAX.cluster-management.custom-settings.ttl"
},
"improvementPlan": {
"displayText": "The default TTL for each of these caches is 5 minutes. If you want to use different TTL settings, you can launch a DAX cluster using a custom parameter group.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.cluster-management.html#DAX.cluster-management.custom-settings.ttl"
}
}
],
"riskRules": [
{
"condition": "DDBPERF10_1 && DDBPERF10_2 && DDBPERF10_3",
"risk": "NO_RISK"
},
{
"condition": "(!DDBPERF10_1) || (!DDBPERF10_3)",
"risk": "HIGH_RISK"
},
{
"condition": "default",
"risk": "MEDIUM_RISK"
}
]
},
{
"id": "DDBPERF11",
"title": "(DAX) How do you monitor performance of your cluster?",
"description": "(DAX) How do you monitor performance of your cluster?",
"choices": [
{
"id": "DDBPERF11_1",
"title": "Monitor CloudWatch metrics to determine scaling needs",
"helpfulResource": {
"displayText": "By default, DAX metric data is sent to CloudWatch automatically. The metrics reported by DAX provide information that you can analyze in different ways.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/dax-monitoring-cloudwatch.html"
},
"improvementPlan": {
"displayText": "You can monitor CPUUtilization and CacheMemoryUtilization to determine if the cluster has enough capacity",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.sizing-guide.html"
}
},
{
"id": "DDBPERF11_2",
"title": "Monitor CloudWatch metrics to tune TTL settings",
"helpfulResource": {
"displayText": "Cache hit rates vary from one application to another and are heavily influenced by the cluster's Time to Live (TTL) setting. Typical hit rates for applications using DAX are 85 95 percent.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.sizing-guide.html"
},
"improvementPlan": {
"displayText": "If your workload includes Query or Scan operations, you should also look at the QueryCacheHits, QueryCacheMisses, ScanCacheHits, and ScanCacheMisses metrics.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.sizing-guide.html"
}
},
{
"id": "DDBPERF11_3",
"title": "Choose a maintenance window as per off-peak hours",
"helpfulResource": {
"displayText": "Every cluster has a weekly maintenance window during which any system changes are applied.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.concepts.cluster.html"
},
"improvementPlan": {
"displayText": "The maintenance window should fall at the time of lowest usage and thus might need modification from time to time.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.concepts.cluster.html"
}
}
],
"riskRules": [
{
"condition": "DDBPERF11_1 && DDBPERF11_2 && DDBPERF11_3",
"risk": "NO_RISK"
},
{
"condition": "(!DDBPERF11_1) || (!DDBPERF11_2)",
"risk": "HIGH_RISK"
},
{
"condition": "default",
"risk": "MEDIUM_RISK"
}
]
},
{
"id": "DDBPERF2",
"title": "What is the nature of your traffic?",
"description": "What is the nature of your traffic?",
"choices": [
{
"id": "DDBPERF2_1",
"title": "Use DynamoDB for OLTP, key-value workloads",
"helpfulResource": {
"displayText": "DynamoDB is suitable for OLTP and key-value workloads, it does not support aggregations or joins to facilitate OLAP workloads.",
"url": "https://aws.amazon.com/blogs/database/how-to-determine-if-amazon-dynamodb-is-appropriate-for-your-needs-and-then-plan-your-migration/"
},
"improvementPlan": {
"displayText": "We follow an access-patterns first approach to data modelling for NoSQL. We pre-build aggregated items as our application would need to read them.",
"url": "https://aws.amazon.com/blogs/database/how-to-determine-if-amazon-dynamodb-is-appropriate-for-your-needs-and-then-plan-your-migration/"
}
},
{
"id": "DDBPERF2_2",
"title": "Use Provisioned capacity mode with Autoscaling for gradually changing/predictable traffic",
"helpfulResource": {
"displayText": "Autoscaling is a reactive behavior suitable for smoothly changing traffic; Sudden bursts of traffic can still lead to throttling",
"url": "https://aws.amazon.com/blogs/architecture/exponential-backoff-and-jitter/"
},
"improvementPlan": {
"displayText": "To resolve this issue, add jitter and exponential backoff to your API calls. For more information, see Exponential backoff and jitter or switch to ondemand mode",
"url": "https://aws.amazon.com/blogs/architecture/exponential-backoff-and-jitter/"
}
},
{
"id": "DDBPERF2_3",
"title": "Use on-demand capacity mode for new/spiky/unpredictable traffic",
"helpfulResource": {
"displayText": "DynamoDB tables using on-demand capacity mode automatically adapt to your application s traffic volume.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.ReadWriteCapacityMode.html#HowItWorks.InitialThroughput"
},
"improvementPlan": {
"displayText": "However, tables using the on-demand mode might still throttle. Pre-warm your tables before going into production.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.ReadWriteCapacityMode.html#HowItWorks.InitialThroughput"
}
}
],
"riskRules": [
{
"condition": "DDBPERF2_1 && DDBPERF2_2 && DDBPERF2_3",
"risk": "NO_RISK"
},
{
"condition": "(!DDBPERF2_1) || (!DDBPERF2_2) || (!DDBPERF2_3)",
"risk": "HIGH_RISK"
},
{
"condition": "default",
"risk": "MEDIUM_RISK"
}
]
},
{
"id": "DDBPERF3",
"title": "How does your application access data?",
"description": "How does your application access data?",
"choices": [
{
"id": "DDBPERF3_1",
"title": "Use batch operations over individual",
"helpfulResource": {
"displayText": "With batch operations like BatchWriteItem and BatchGetItem, number of network round trips used are quite less compared to individual operations.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Programming.Errors.html#Programming.Errors.BatchOperations"
},
"improvementPlan": {
"displayText": "The application needs to handle less serialization and deserialization of the traffic, cpu goes down and each app server can handle higher throughput and so less number of application servers can do the same amount of work.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Programming.Errors.html#Programming.Errors.BatchOperations"
}
},
{
"id": "DDBPERF3_2",
"title": "Use Global tables for lower read latency",
"helpfulResource": {
"displayText": "In a global table, a newly written item is usually propagated to all replica tables within a second.",
"url": "https://aws.amazon.com/dynamodb/global-tables/"
},
"improvementPlan": {
"displayText": "DynamoDB Global Table provides low-latency reads and writes _x000B_to locally available tables",
"url": "https://aws.amazon.com/dynamodb/global-tables/"
}
}
],
"riskRules": [
{
"condition": "DDBPERF3_1 && DDBPERF3_2",
"risk": "NO_RISK"
},
{
"condition": "default",
"risk": "MEDIUM_RISK"
}
]
},
{
"id": "DDBPERF4",
"title": "How do you monitor latency?",
"description": "How do you monitor latency?",
"choices": [
{
"id": "DDBPERF4_1",
"title": "Use SuccessfulRequestLatency metric for server-side latency",
"helpfulResource": {
"displayText": "When analyzing the Amazon CloudWatch metric SuccessfulRequestLatency, it's a best practice to check the average latency.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/metrics-dimensions.html#SuccessfulRequestLatency"
},
"improvementPlan": {
"displayText": "Occasional spikes in latency aren't a cause for concern. However, if average latency is high, there might be an underlying issue that you must resolve.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/metrics-dimensions.html#SuccessfulRequestLatency"
}
},
{
"id": "DDBPERF4_2",
"title": "Use the average statistic to understand latency trends",
"helpfulResource": {
"displayText": "DynamoDB reports minute-level metrics to Amazon CloudWatch. The metrics are calculated as the sum for a minute, and then are averaged.",
"url": "https://aws.amazon.com/premiumsupport/knowledge-center/dynamodb-high-latency/"
},
"improvementPlan": {
"displayText": "Check that average is consistent as Maximum might have spikes associated with how distributed systems work",
"url": "https://aws.amazon.com/premiumsupport/knowledge-center/dynamodb-high-latency/"
}
},
{
"id": "DDBPERF4_3",
"title": "Use XRay to analyze round-trip latency",
"helpfulResource": {
"displayText": "AWS X-Ray can help you analyze and debug production and distributed applications.",
"url": "https://aws.amazon.com/xray/"
},
"improvementPlan": {
"displayText": "Features such as latency metric logging for the AWS SDK or the X-Ray service can help you identify the source of the increased latency.",
"url": "https://aws.amazon.com/premiumsupport/knowledge-center/dynamodb-high-latency/"
}
},
{
"id": "DDBPERF4_4",
"title": "Use application level metrics to analyze round-trip latency",
"helpfulResource": {
"displayText": "Keep in mind that DynamoDB latency metrics measure activity only within DynamoDB or Amazon DynamoDB Streams.",
"url": "https://aws.amazon.com/premiumsupport/knowledge-center/dynamodb-high-latency/"
},
"improvementPlan": {
"displayText": "To get the latency value for all DynamoDB calls, turn on latency metric logging for the AWS SDK.",
"url": "https://aws.amazon.com/premiumsupport/knowledge-center/dynamodb-high-latency/"
}
}
],
"riskRules": [
{
"condition": "DDBPERF4_1 && DDBPERF4_2 && DDBPERF4_3 && DDBPERF4_4",
"risk": "NO_RISK"
},
{
"condition": "default",
"risk": "MEDIUM_RISK"
}
]
},
{
"id": "DDBPERF5",
"title": "How do you optimize latency?",
"description": "How do you optimize latency?",
"choices": [
{
"id": "DDBPERF5_1",
"title": "Tune SDK settings and client-side timeouts based on load testing",
"helpfulResource": {
"displayText": "Tune the client SDK parameters so that the latent requests timeout and fail much faster (for example, after 50 milliseconds).",
"url": "https://aws.amazon.com/premiumsupport/knowledge-center/dynamodb-high-latency/"
},
"improvementPlan": {
"displayText": "This causes the client to abandon high latency requests after the specified time period and then send a second request that usually completes much faster than the first.",
"url": "https://aws.amazon.com/premiumsupport/knowledge-center/dynamodb-high-latency/"
}
},
{
"id": "DDBPERF5_2",
"title": "Re-use connections, use connection pooling",
"helpfulResource": {
"displayText": "When your tables are idle, consider having the client send dummy traffic to the DynamoDB tables. Also consider reusing client connections or use connection pooling.",
"url": "https://aws.amazon.com/premiumsupport/knowledge-center/dynamodb-high-latency/"
},
"improvementPlan": {
"displayText": "These techniques help avoid extra cost and time associated with TLS handshake and authentication, they also keep internal caches warm that helps keep latency low.",
"url": "https://aws.amazon.com/premiumsupport/knowledge-center/dynamodb-high-latency/"
}
},
{
"id": "DDBPERF5_3",
"title": "Reduce the distance between the client and DynamoDB endpoint",
"helpfulResource": {
"displayText": "If you have globally dispersed users, consider using global tables.With global tables, you can specify the AWS Regions where you want the table to be available.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/GlobalTables.html"
},
"improvementPlan": {
"displayText": "This can significantly reduce latency for your users. Also, consider using the DynamoDB gateway endpoint to avoid traffic across the internet.",
"url": "https://docs.aws.amazon.com/vpc/latest/privatelink/vpc-endpoints-ddb.html"
}
},
{
"id": "DDBPERF5_4",
"title": "Use caching for read-heavy workloads",
"helpfulResource": {
"displayText": "If your traffic is read heavy, consider using a caching service, such as Amazon DynamoDB Accelerator (DAX).",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.html"
},
"improvementPlan": {
"displayText": "DAX is a fully managed, highly available, in-memory cache for DynamoDB that delivers up to a 10x performance improvement.",
"url": "https://aws.amazon.com/premiumsupport/knowledge-center/dynamodb-high-latency/"
}
},
{
"id": "DDBPERF5_5",
"title": "Use eventually consistent reads where possible",
"helpfulResource": {
"displayText": "If your application doesn't require strongly consistent reads, consider using eventually consistent reads.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.ReadConsistency.html"
},
"improvementPlan": {
"displayText": "Eventually consistent reads are cheaper and are less likely to experience high latency. For more information, see Read consistency.",
"url": "https://aws.amazon.com/premiumsupport/knowledge-center/dynamodb-high-latency/"
}
}
],
"riskRules": [
{
"condition": "DDBPERF5_1 && DDBPERF5_2 && DDBPERF5_3 && DDBPERF5_4 && DDBPERF5_5",
"risk": "NO_RISK"
},
{
"condition": "(!DDBPERF5_2) || (!DDBPERF5_3) || (!DDBPERF5_5)",
"risk": "HIGH_RISK"
},
{
"condition": "default",
"risk": "MEDIUM_RISK"
}
]
},
{
"id": "DDBPERF6",
"title": "How do you monitor/manage throttled requests?",
"description": "How do you monitor/manage throttled requests?",
"choices": [
{
"id": "DDBPERF6_1",
"title": "Configure CloudWatch alarms on ReadThrottleRequests and WriteThrottleRequests metrics",
"helpfulResource": {
"displayText": "ReadThrottleEvents / WriteThrottleEvents are requests to DynamoDB that exceed the provisioned capacity units for a table or a global secondary index.",
"url": "https://aws.amazon.com/blogs/database/monitoring-amazon-dynamodb-for-operational-awareness/"
},
"improvementPlan": {
"displayText": "You can create a CloudWatch alarm that sends an Amazon SNS message when the alarm changes state.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/creating-alarms.html"
}
},
{
"id": "DDBPERF6_2",
"title": "Configure a suitable exponentials back-off and retry mechanism",
"helpfulResource": {
"displayText": "To resolve throttled issue, make sure that your table has enough capacity to serve your traffic and retry throttled requests using exponential backoff.",
"url": "https://aws.amazon.com/premiumsupport/knowledge-center/dynamodb-table-throttled/"
},
"improvementPlan": {
"displayText": "If you are using the AWS SDK, then this logic is implemented by default. For more information, see Error retries and exponential backoff.",
"url": "https://aws.amazon.com/premiumsupport/knowledge-center/dynamodb-table-throttled/"
}
},
{
"id": "DDBPERF6_3",
"title": "Pre-warm on-demand tables before LSEs/production",
"helpfulResource": {
"displayText": "\n\nYour DynamoDB on-demand table might be throttled due to the traffic is more than double the previous peak, or the traffic exceeds the per-partition maximum.",
"url": "https://aws.amazon.com/premiumsupport/knowledge-center/on-demand-table-throttling-dynamodb/?nc1=h_ls"
},
"improvementPlan": {
"displayText": "we would pre-warm a provisioned table with enough WCU and RCU to meet our requirements, and then switch the table to on-demand mode.",
"url": "https://aws.amazon.com/blogs/database/running-spiky-workloads-and-optimizing-costs-by-more-than-90-using-amazon-dynamodb-on-demand-capacity-mode/"
}
},
{
"id": "DDBPERF6_4",
"title": "Distribute requests over keys and time",
"helpfulResource": {
"displayText": "Typically, when you load data from other data sources, Amazon DynamoDB partitions your table data on multiple servers.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/bp-partition-key-data-upload.html"
},
"improvementPlan": {
"displayText": "Every upload in this sequence uses a different partition key value, keeping more DynamoDB servers busy simultaneously and improving your throughput performance.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/bp-partition-key-data-upload.html"
}
},
{
"id": "DDBPERF6_5",
"title": "Use CloudWatch Contributor Insights for hot key detection",
"helpfulResource": {
"displayText": "CloudWatch Contributor Insights (CCI) logs frequently accessed keys, and throttled keys for both partition and partition+sort key.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/contributorinsights_HowItWorks.html"
},
"improvementPlan": {
"displayText": "CCI gives you the real data, which key was most frequently accessed.It can help customers find application bugs previously undetected.",
"url": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/ContributorInsights.html"
}
}
],
"riskRules": [
{
"condition": "DDBPERF6_1 && DDBPERF6_2 && DDBPERF6_3 && DDBPERF6_4 && DDBPERF6_5",
"risk": "NO_RISK"
},
{
"condition": "(!DDBPERF6_1) || (!DDBPERF6_3) || (!DDBPERF6_4)",
"risk": "HIGH_RISK"
},
{
"condition": "default",
"risk": "MEDIUM_RISK"
}
]
},
{
"id": "DDBPERF7",
"title": "What percentage of API calls are Scan?",
"description": "What percentage of API calls are Scan?",
"choices": [
{
"id": "DDBPERF7_1",
"title": "Design keys and GSIs for targeted queries rather than Scan",
"helpfulResource": {
"displayText": "Query operation targets a particular partition key rather than a Scan which runs through all items in the table. Scans on large tables can be expensive.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/bp-query-scan.html"
},
"improvementPlan": {
"displayText": "For needle in haystack kind of use-cases where a handful of items out of millions are important, use sparse GSIs rather than scan+filters.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/bp-indexes-general-sparse-indexes.html"
}
},
{
"id": "DDBPERF7_2",
"title": "Use Parallel scan",
"helpfulResource": {
"displayText": "Many applications can benefit from using parallel Scan operations rather than sequential scans.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/bp-query-scan.html"
},
"improvementPlan": {
"displayText": "With a parallel scan, your application has multiple workers that are all running Scan operations concurrently.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/bp-query-scan.html"
}
},
{
"id": "DDBPERF7_3",
"title": "Use GSIs instead of Scans for frequent reads and sparse GSIs where applicable",
"helpfulResource": {
"displayText": "Some applications might need to perform many kinds of queries, using a variety of different attributes as query criteria.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/GSI.html#GSI.Reading"
},
"improvementPlan": {
"displayText": "To support these requirements, you can create one or more global secondary indexes and issue Query requests against these indexes.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/GSI.html#GSI.Reading"
}
},
{
"id": "DDBPERF7_4",
"title": "Consider using Export to S3",
"helpfulResource": {
"displayText": "DynamoDB table export is a fully managed solution for exporting DynamoDB tables at scale, and is much faster than other workarounds involving table scans.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/S3DataExport.HowItWorks.html"
},
"improvementPlan": {
"displayText": "Exporting a DynamoDB table to an S3 bucket enables you to perform analytics and complex queries on your data using other AWS services such as Athena, AWS Glue, and Lake Formation",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/S3DataExport.HowItWorks.html"
}
}
],
"riskRules": [
{
"condition": "DDBPERF7_1 && DDBPERF7_2 && DDBPERF7_3 && DDBPERF7_4",
"risk": "NO_RISK"
},
{
"condition": "(!DDBPERF7_1) || (!DDBPERF7_3) || (!DDBPERF7_4)",
"risk": "HIGH_RISK"
},
{
"condition": "default",
"risk": "MEDIUM_RISK"
}
]
},
{
"id": "DDBPERF8",
"title": "Do you have a caching solution?",
"description": "Do you have a caching solution?",
"choices": [
{
"id": "DDBPERF8_1",
"title": "Use DAX for a managed, API-compatible, in-memory caching solution",
"helpfulResource": {
"displayText": "DAX is a DynamoDB-compatible caching service that enables you to benefit from fast in-memory performance for demanding applications.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.html"
},
"improvementPlan": {
"displayText": "DAX provides access to eventually consistent data from DynamoDB tables, with microsecond latency. A Multi-AZ DAX cluster can serve millions of requests per second.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.html"
}
}
],
"riskRules": [
{
"condition": "DDBPERF8_1",
"risk": "NO_RISK"
},
{
"condition": "(!DDBPERF8_1)",
"risk": "HIGH_RISK"
},
{
"condition": "default",
"risk": "MEDIUM_RISK"
}
]
},
{
"id": "DDBPERF9",
"title": "(DAX) How do you size your cluster?",
"description": "(DAX) How do you size your cluster?",
"choices": [
{
"id": "DDBPERF9_1",
"title": "Estimate traffic, target cache hit ratio and working set size",
"helpfulResource": {
"displayText": "It's important to scale your DAX cluster appropriately for your workload, whether you're creating a new cluster or maintaining an existing cluster.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.sizing-guide.html"
},
"improvementPlan": {
"displayText": "As time goes on and your application's workload changes, you should periodically revisit your scaling decisions to make sure that they are still appropriate.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.sizing-guide.html"
}
},
{
"id": "DDBPERF9_2",
"title": "Validate sizing by performing load tests and scale as needed",
"helpfulResource": {
"displayText": "Ideally, the traffic profile that you drive during the load test should be as similar as possible to your application's real traffic.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.sizing-guide.html"
},
"improvementPlan": {
"displayText": "To achieve a cache hit rate similar to your application's expected cache hit rate, pay close attention to the distribution of keys in your test traffic.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.sizing-guide.html"
}
},
{
"id": "DDBPERF9_3",
"title": "Consider future growth while sizing",
"helpfulResource": {
"displayText": "DAX clusters cannot be scaled vertically. Hence, it is important to consider growth in data volume and write traffic while sizing the cluster.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.sizing-guide.html#DAX.sizing-guide.estimating-traffic"
},
"improvementPlan": {
"displayText": "When making traffic estimates, plan for future growth and for expected and unexpected peaks to ensure that your cluster has enough headroom for traffic increases.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.sizing-guide.html#DAX.sizing-guide.estimating-traffic"
}
}
],
"riskRules": [
{
"condition": "DDBPERF9_1 && DDBPERF9_2 && DDBPERF9_3",
"risk": "NO_RISK"
},
{
"condition": "(!DDBPERF9_1) || (!DDBPERF9_2) || (!DDBPERF9_3)",
"risk": "HIGH_RISK"
},
{
"condition": "default",
"risk": "MEDIUM_RISK"
}
]
}
]
},
{
"id": "DDBOPS",
"name": "Operational Excellence",
"questions": [
{
"id": "DDBOPS1",
"title": "How do you deploy Amazon DynamoDB tables across regions / environments?",
"description": "How do you deploy Amazon DynamoDB tables across regions / environments?",
"choices": [
{
"id": "DDBOPS1_1",
"title": "Provision Infrastructure as Code CloudFormation, CDK, Terraform",
"helpfulResource": {
"displayText": "Codifying your infrastructure allows you to treat your infrastructure as code.",
"url": "https://docs.aws.amazon.com/whitepapers/latest/introduction-devops-aws/infrastructure-as-code.html"
},
"improvementPlan": {
"displayText": "You can author it with any code editor, check it into a version control system, and review the files with team members before deploying into production.",
"url": "https://docs.aws.amazon.com/whitepapers/latest/introduction-devops-aws/infrastructure-as-code.html"
}
},
{
"id": "DDBOPS1_2",
"title": "For multi-region deployments, use latest version of DynamoDB Global Tables",
"helpfulResource": {
"displayText": "There are two versions of DynamoDB global tables available: Version 2019.11.21 (Current) and Version 2017.11.29.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/GlobalTables.html"
},
"improvementPlan": {
"displayText": "To find out which version you are using, see Determining the version.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/globaltables.DetermineVersion.html"
}
},
{
"id": "DDBOPS1_3",
"title": "Use separated environments used for different stages in the development cycle",
"helpfulResource": {
"displayText": "This reduces errors caused by manual processes and helps increase levels of control to gain confidence your workload operates as intended.",
"url": "https://wa.aws.amazon.com/serv.question.OPS_2.en.html"
},
"improvementPlan": {
"displayText": "Use infrastructure as code and version control to enable tracking of changes and releases. Isolate development and production stages in separate environments.",
"url": "https://wa.aws.amazon.com/serv.question.OPS_2.en.html"
}
}
],
"riskRules": [
{
"condition": "DDBOPS1_1 && DDBOPS1_2 && DDBOPS1_3",
"risk": "NO_RISK"
},
{
"condition": "(!DDBOPS1_1) || (!DDBOPS1_2) || (!DDBOPS1_3)",
"risk": "HIGH_RISK"
},
{
"condition": "default",
"risk": "MEDIUM_RISK"
}
]
},
{
"id": "DDBOPS2",
"title": "How do you track and test changes to table configuration?",
"description": "How do you track and test changes to table configuration?",
"choices": [
{
"id": "DDBOPS2_1",
"title": "Define AWS Config rules to validate Amazon DynamoDB best practices",
"helpfulResource": {
"displayText": "AWS Config provides AWS predefined managed rules, which you can use to evaluate your DynamoDB follow best practices.",
"url": "https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html"
},
"improvementPlan": {
"displayText": "AWS Config Managed Rules for DynamoDB to check your backup plan, encryption, auto scaling enabled ... etc.",
"url": "https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html"
}
},
{
"id": "DDBOPS2_2",
"title": "Trigger AWS CloudWatch events rules for AWS Config events",
"helpfulResource": {
"displayText": "You can use Amazon CloudWatch Events to react to resource configuration and compliance change notifications from AWS Config.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/monitoring-cloudwatch.html"
},
"improvementPlan": {
"displayText": "Leverage AWS CloudWatch event rules when AWS config events are triggered to either send notification or proactively remediate the issue.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/contributorinsights_HowItWorks.html"
}
},
{
"id": "DDBOPS2_3",
"title": "Benchmark Amazon DynamoDB tables for performance",
"helpfulResource": {
"displayText": "Use your application to benchmark on DynamoDB table according to your use case and access pattern.",
"url": "https://aws.amazon.com/blogs/database/running-spiky-workloads-and-optimizing-costs-by-more-than-90-using-amazon-dynamodb-on-demand-capacity-mode/"
},
"improvementPlan": {
"displayText": "Make sure the DynamoDB can fulfill your senerio (Make sure not to benchmark new table, set correct provisioned table then do benchmark)",
"url": "https://aws.amazon.com/blogs/database/running-spiky-workloads-and-optimizing-costs-by-more-than-90-using-amazon-dynamodb-on-demand-capacity-mode/"
}
}
],
"riskRules": [
{
"condition": "DDBOPS2_1 && DDBOPS2_2 && DDBOPS2_3",
"risk": "NO_RISK"
},
{
"condition": "(!DDBOPS2_3)",
"risk": "HIGH_RISK"
},
{
"condition": "default",
"risk": "MEDIUM_RISK"
}
]
},
{
"id": "DDBOPS3",
"title": "How do you evaluate operational readiness of your workload?",
"description": "How do you evaluate operational readiness of your workload?",
"choices": [
{
"id": "DDBOPS3_1",
"title": "Use playbooks to define operational readiness",
"helpfulResource": {
"displayText": "Have a standard process or playbook to adjust table configurations will prevent unexpected manual error.",
"url": "https://wa.aws.amazon.com/wellarchitected/2020-07-02T19-33-23/wat.concept.playbook.en.html"
},
"improvementPlan": {
"displayText": "Enable consistent and prompt responses to failure scenarios by documenting the investigation process in playbooks.",
"url": "https://wa.aws.amazon.com/wellarchitected/2020-07-02T19-33-23/wat.concept.playbook.en.html"
}
},
{
"id": "DDBOPS3_2",
"title": "Periodically running readiness tests according to existing playbooks",
"helpfulResource": {
"displayText": "We are continually evolving our application and workload, which we need to take application change into consideration during operation readiness tests."
},
"improvementPlan": {
"displayText": "After the playbook is ready we still need to periodically run the exist playbook and make sure the process still work during application evolution."
}
}
],
"riskRules": [
{
"condition": "DDBOPS3_1 && DDBOPS3_2",
"risk": "NO_RISK"
},
{
"condition": "default",
"risk": "MEDIUM_RISK"
}
]
},
{
"id": "DDBOPS4",
"title": "How do you monitor Amazon DynamoDB tables and service limits?",
"description": "How do you monitor Amazon DynamoDB tables and service limits?",
"choices": [
{
"id": "DDBOPS4_1",
"title": "Tag tables for organization, identification and cost accounting",
"helpfulResource": {
"displayText": "You can label Amazon DynamoDB resources using tags. Tags let you categorize your resources in different ways.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Tagging.html"
},
"improvementPlan": {
"displayText": "Tags can help you quickly identify a resource based on the tags that you assigned to it.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Tagging.html"
}
},
{
"id": "DDBOPS4_2",
"title": "Configure application to log database connectivity response times & errors",
"helpfulResource": {
"displayText": "DynamoDB send built-in metric to CloudWatch by default, but you need more detail information which you can get from your application log like database connectivity response times & errors."
},
"improvementPlan": {
"displayText": "You can write application log to CloudWatch Log for you to analyze. Creating metrics from log events using filters to turn log data into numerical CloudWatch metrics that you can graph or set an alarm on.",
"url": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/MonitoringLogData.html"
}
},
{
"id": "DDBOPS4_3",
"title": "Create AWS CloudWatch dashboards and alarms for key metrics and application logs",
"helpfulResource": {
"displayText": "You can monitor Amazon DynamoDB using CloudWatch, which collects and processes raw data from DynamoDB into readable, near real-time metrics.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/monitoring-cloudwatch.html"
},
"improvementPlan": {
"displayText": "When you interact with DynamoDB, it sends metrics and dimensions to CloudWatch. You can set alarms for key metrics and application logs.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/metrics-dimensions.html"
}
},
{
"id": "DDBOPS4_4",
"title": "Enable CloudWatch Contributor Insights (CCI) for Amazon DynamoDB (at least during troubleshooting)",
"helpfulResource": {
"displayText": "CloudWatch Contributor Insights (CCI) logs frequently accessed keys, and throttled keys for both partition and partition+sort key.",
"url": "https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/contributorinsights_HowItWorks.html"
},
"improvementPlan": {
"displayText": "CCI gives you the real data, which key was most frequently accessed.It can help customers find application bugs previously undetected.",
"url": "https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/ContributorInsights.html"
}
}
],
"riskRules": [
{
"condition": "DDBOPS4_1 && DDBOPS4_2 && DDBOPS4_3 && DDBOPS4_4",
"risk": "NO_RISK"
},
{
"condition": "(!DDBOPS4_3)",
"risk": "HIGH_RISK"
},
{
"condition": "default",
"risk": "MEDIUM_RISK"
}
]
}
]
},
{
"id": "DDBSEC",
"name": "Security",
"questions": [
{
"id": "DDBSEC1",
"title": "How do you securely operate your DynamoDB Tables?",
"description": "How do you securely operate your DynamoDB Tables?",
"choices": [
{
"id": "DDBSEC1_1",
"title": "Using separate accounts for DynamoDB Tables in production and non-production environment",
"helpfulResource": {
"displayText": "Organize workload includes DynamoDB in separate accounts and group accounts based on production, and non-production environment, which might have different security requirement.",
"url": "https://wa.aws.amazon.com/wat.question.SEC_1.en.html"
},
"improvementPlan": {
"displayText": "Start with security and infrastructure in mind to enable your organization to build security baseline based for production, and non-production environmen",
"url": "https://wa.aws.amazon.com/wat.question.SEC_1.en.html"
}
},
{
"id": "DDBSEC1_2",
"title": "Identify compliance requirements for data store in DynamoDB tables",