Amazon DynamoDB

Datafly Signal writes first-party events as items into a DynamoDB table — fully managed, serverless NoSQL with single-digit millisecond performance at any scale.

Prerequisites

Before configuring Amazon DynamoDB in Signal, you need an AWS account with a DynamoDB table and IAM credentials. Follow the steps below.

Create an AWS Account

If you don’t already have one, sign up at aws.amazon.com. Ensure billing is configured and you have console access.

Create a DynamoDB Table

Open the DynamoDB console.
Click Create table.
Enter a Table name (e.g. datafly_events).
Set the Partition key to message_id (type: String). Optionally add a Sort key such as timestamp (type: String) for time-range queries.
Leave the default settings (on-demand capacity mode is recommended for unpredictable workloads) or choose provisioned capacity if you have predictable traffic.
Click Create table.

On-demand capacity mode automatically scales to handle your traffic. If you expect consistent high throughput, provisioned capacity with auto-scaling may be more cost-effective.

Create an IAM User for Signal

Open the IAM console.
Go to Users > Create user.
Enter a username (e.g. datafly-signal-dynamodb).
Select Attach policies directly.
Click Create policy and use the following JSON:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "dynamodb:PutItem",
        "dynamodb:BatchWriteItem"
      ],
      "Resource": "arn:aws:dynamodb:us-east-1:123456789012:table/datafly_events"
    }
  ]
}

Replace the region, account ID, and table name with your values.
Attach the policy to the user.

Generate Access Keys

On the IAM user detail page, go to Security credentials.
Under Access keys, click Create access key.
Select Application running outside AWS.
Click Create access key.
Copy the Access Key ID and Secret Access Key immediately — the secret is only shown once.

⚠️

Store these credentials securely. If you lose the secret access key, you must create a new key pair.

Configuration

Field	Type	Required	Description
`table_name`	string	Yes	The DynamoDB table name to write items to.
`region`	select	Yes	The AWS region where the DynamoDB table is located.
`access_key_id`	secret	Yes	AWS access key ID with `dynamodb:PutItem` and `dynamodb:BatchWriteItem`.
`secret_access_key`	secret	Yes	Secret access key for the access key ID.
`session_token`	secret	No	Optional STS session token for temporary credentials.

The partition key attribute is named event_id in the default blueprint. Create your DynamoDB table with event_id (String) as the partition key — or override the blueprint mapping to match your existing schema.

Signal Setup

Quick Setup

Navigate to Integrations in the sidebar.
Open the Integration Library tab.
Find Amazon DynamoDB or filter by Database.
Click Install, select a variant if available, and fill in the required fields.
Click Install Integration to create the integration with a ready-to-use default blueprint.

API Setup

curl -X POST http://localhost:8084/v1/admin/integration-catalog/amazon_dynamodb/install \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Amazon DynamoDB",
    "variant": "default",
    "config": {
      "table_name": "datafly_events",
      "region": "us-east-1",
      "access_key_id": "AKIAIOSFODNN7EXAMPLE",
      "secret_access_key": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
    },
    "delivery_mode": "server_side"
  }'

Schema

Each event becomes one DynamoDB item with the canonical envelope mapped to top-level attributes:

Attribute	DynamoDB type	Notes
`event_id`	`S` (String)	Partition key. Unique per event.
`type`	`S`	Event type.
`event`	`S`	Event name.
`anonymous_id`	`S`	First-party visitor identifier.
`user_id`	`S`	Logged-in user identifier (optional).
`timestamp`	`S` (ISO-8601)	Client event time.
`received_at`	`S` (ISO-8601)	Time Signal received the event.
`sent_at`	`S` (ISO-8601)	Time the item was delivered.
`context`	`M` (Map)	Page, device, user agent, consent metadata.
`properties`	`M` (Map)	Custom event properties.
`traits`	`M` (Map)	User traits.
`source_id`	`S`	Pipeline source identifier.
`integration_id`	`S`	Signal integration identifier.

DynamoDB items cannot exceed 400 KB. Consider using a sort key like timestamp if you need time-range queries within a single partition.

DynamoDB is a first-party destination in your own AWS account. The default blueprint forwards all events. Apply consent filtering via pipeline transforms or downstream Lambda streams over context.consent if needed.

Testing

Enable the integration in Signal and trigger a test event on your website.
Open the DynamoDB console and navigate to your table.
Click Explore table items to verify that event items are appearing.
Check the message_id partition key and confirm the event payload is stored correctly.
In Signal, check the Live Events view to confirm delivery status shows as successful.

Troubleshooting

Problem	Solution
Events not appearing in DynamoDB	Verify the table name, region, and partition key match your DynamoDB table configuration.
`AccessDeniedException`	The IAM user lacks `dynamodb:PutItem` or `dynamodb:BatchWriteItem` permission on the target table. Update the IAM policy.
`ResourceNotFoundException`	The table does not exist in the specified region. Check the table name and region.
`ValidationException`	The partition key name in Signal config does not match the table’s partition key. Verify both match exactly.
`ProvisionedThroughputExceededException`	Your table is in provisioned mode and has hit its write capacity. Switch to on-demand mode or increase provisioned WCU.
Credential errors	Verify the access key ID and secret access key are correct and the IAM user has not been deactivated.

Visit Amazon DynamoDB documentation for full API reference and best practices.