AWS Config Rule: DynamoDB Throughput Limit Check

DYNAMODB_THROUGHPUT_LIMIT_CHECK

Fernando Honig

Last Update 6 months ago

Description: Checks if provisioned DynamoDB throughput is approaching the maximum limit for your account. By default, the rule checks if provisioned throughput exceeds a threshold of 80 percent of your account limits.


Trigger type: Periodic


AWS Region: All supported AWS regions except Asia Pacific (Jakarta), Africa (Cape Town), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Europe (Milan), Canada West (Calgary), Europe (Spain) Region


How to Resolve Manually

Provisioned DynamoDB Tables have a per account standard limit of 80,000 read capacity units (RCU) and 80,000 write capacity units (WCU) 


Your accounts' available throughput can be applied to a single table or across multiple tables.


This rule will show as NON-COMPLIANT if your Dynamo DB Tables are exceeding 80% of this limit. If you are, there are two options available to alleviate this.



Increased Provisioned Throughput


You can increase ReadCapacityUnits or WriteCapacityUnits as often as necessary, using the AWS Management Console or the UpdateTable operation. In a single call, you can increase the provisioned throughput for a table, for any global secondary indexes on that table, or for any combination of these. The new settings do not take effect until the UpdateTable operation is complete.


You can't exceed your per-account quotas when you add provisioned capacity, and DynamoDB doesn't allow you to increase provisioned capacity very rapidly. Aside from these restrictions, you can increase the provisioned capacity for your tables as high as you need. For more information about per-account quotas, see the preceding section, Throughput Default Quotas.


Decreasing Provisioned Throughput


For every table and global secondary index in an UpdateTable operation, you can decrease ReadCapacityUnits or WriteCapacityUnits (or both). The new settings don't take effect until the UpdateTable operation is complete. A decrease is allowed up to four times, anytime per day. A day is defined according to Universal Coordinated Time (UTC). Additionally, if there was no decrease in the past hour, an additional decrease is allowed. This effectively brings the maximum number of decreases in a day to 27 times (4 decreases in the first hour, and 1 decrease for each of the subsequent 1-hour windows in a day).


Table and global secondary index decrease limits are decoupled, so any global secondary indexes for a particular table have their own decrease limits. However, if a single request decreases the throughput for a table and a global secondary index, it is rejected if either exceeds the current limits. Requests are not partially processed.


For more information around Provisioned Throughput and account limits, please refer to the AWS Documentation.


Want to know more about StackZone and how to make your cloud management simple and secure?

Check our how it works section with easy to follow videos or just create your own StackZone Account here

Was this article helpful?

1 out of 1 liked this article

Still need help? Message Us