Protecting DynamoDB Tables

To protect DynamoDB tables, Veeam Backup for AWS runs backup policies. A backup policy is a collection of settings that define the way backup operations are performed: what data to back up, where to store backups, when to start the backup process, how to retain restore points and so on.

Veeam Backup for AWS does not install agent software inside instances to back up DynamoDB tables — it uses native AWS capabilities instead. During every backup session, Veeam Backup for AWS creates a cloud-native backup for each table added to a backup policy. The cloud-native backup is further used to create a backup copy in another AWS Region. For more information on how DynamoDB table backup works, see DynamoDB Backup.

Supported DynamoDB Table Properties

Veeam Backup for AWS version 7.0 allows you to back up and restore the following table properties:



Possibility to Change Property During Restore to New Location

Table name

The name of a DynamoDB table.


Partition key

The first attribute of the primary key.


Sort key

The second attribute of the primary key.


Global secondary index (GSI) and local secondary index (LSI)

Additional indexes that provide efficient access to the table data.


Table class

Defines how often the table data is accessed.


Capacity mode

Defines how read/write operations are charged and managed.


Provisioned read/write capacity units

Read/write throughput for the table and its indexes.



Table identifiers.


Deletion protection

Defines whether the table is protected against accidental deletion.


Server-side encryption

Defines the key used for data-at-rest encryption.


Point-in-time recovery (PITR)

Defines whether the table data can be restored to any point in time during the last 35 days.


DynamoDB Time to Live (TTL)

An attribute name with a timestamp that determines when the table items are no longer needed.




Veeam Backup for AWS does not support the following:

  • DynamoDB global table feature
  • CloudWatch alarms
  • Adjusted provisioned throughput capacity provided by Amazon DynamoDB auto scaling
  • Item-level modifications captured by Amazon Kinesis Data Streams
  • Time-ordered sequences of item-level modifications captured by Amazon DynamoDB Streams
  • Backup and restore of keys in your tables and indexes identified by Amazon CloudWatch Contributor Insights

How To Protect DynamoDB Tables

To create a DynamoDB policy, perform the following steps:

  1. Check limitations and prerequisites.
  2. Specify IAM roles to access AWS services and resources.
  3. [Optional] Configure global retention settings for obsolete session records.
  4. [Optional] Configure email notification settings for automated delivery of backup policy results and daily reports.
  5. Complete the Add DynamoDB Policy wizard.

Related Topics

DynamoDB Restore