Open In App

AWS DynamoDB - Working with Backups

Last Updated : 21 Nov, 2025
Comments
Improve
Suggest changes
2 Likes
Like
Report

Data loss can happen due to accidental deletions, buggy application code, or malicious attacks. Amazon DynamoDB provides two distinct mechanisms to protect your data: Point-in-Time Recovery (PITR) and On-Demand Backups.

Understanding the difference between these two and knowing when to use which is critical for any production application.

1. Point-in-Time Recovery (PITR)

PITR is your "Safety Net" against accidental writes or deletes.

  • How it works: When enabled, DynamoDB continuously backs up your data with per-second granularity. You don't schedule it; it just happens in the background.
  • Retention: You can restore to any second in the last 35 days.
  • Use Case: "Oops, I just deployed a bug that deleted 1,000 user records. I need to rewind the database to 10:00 AM this morning."
  • Performance: Enabling PITR has zero impact on your table's performance or provisioned throughput.

2. On-Demand Backups

On-Demand backups are for long-term archiving and compliance.

  • How it works: You manually trigger a backup (or schedule it via AWS Backup). It takes a full snapshot of the table at that moment.
  • Retention: These backups last forever until you explicitly delete them.
  • Use Case: "I need to keep a monthly snapshot of our data for 7 years for financial auditing."
  • AWS Backup Integration: You can use AWS Backup to manage these snapshots, automate schedules, and copy them to other AWS Regions or Accounts for Disaster Recovery (DR).

Critical Concept: Restoration Behaviour

Crucial: In DynamoDB, you cannot "roll back" an existing table. Restoring a backup ALWAYS creates a new table.

If you restore UsersTable to its state at 12:00 PM, DynamoDB will create a new table (e.g., UsersTable-Restored). You then have to point your application to this new table or copy the missing data back to the original table.

Comparison: PITR vs. On-Demand vs. AWS Backup

FeaturePoint-in-Time Recovery (PITR)On-Demand (Native)AWS Backup (Managed)
PurposeAccidental deletion protection.Long-term archival.Enterprise compliance & DR.
ScheduleContinuous (Automatic).Manual triggering.Automated Schedules (Cron).
RetentionMax 35 Days.Indefinite.Configurable (e.g., 7 years).
Restore ToAny second in the window.The exact time of backup.The exact time of backup.
Cross-RegionYes (Restore to new region).Yes (Copy then restore).Yes (Automated copy).
Cold StorageNo.No.Yes (Cheaper storage tier).

Features of DynamoDB:

Following are the features of DynamoDB:

  • The backup process executes in seconds regardless of the size of user tables or data, so users do not have to worry about backup schedules or long-running processes.
  • Moreover, all backups are automatically encrypted, systematic, easily discoverable, and retained until deleted.
  • Users can back up data i.e tables from a few MB to hundreds of TB of data, with no impact on performance.

Advantages of DynamoDB:

Following are the advantages of using DynamoDB:

  • Fully Managed: It manages all kinds of responsibilities like encryption, performance, and workloads.
  • Easy to Use: Users can enable PITR(Point-in-time recovery) or create, restore, and delete backups easily with a single click.
  • Fast and Scalable: Users can easily enable PITR or create as many backups for tables of any size very fastly like in seconds.
  • No Performance Impact: Have no impact on the performance and availability of your production applications.

Backing Up a DynamoDB Table:

Follow the below steps to backup a DynamoDB table:

  • Choose "Create backup" over the "backups" tab of the source table.
  • On the left side of the console, choose"backup" and then "Create backup".
  • The backup status will show "creating",  and after completion, it will change to "Available".

Output:

{
"BackupDetails": {
    "BackupName":
    "WebSeriesBackup",
    "BackupArn": "arn:aws:dynamodb:us-east-1:123456789012: table/WebSeries/backup/1456781290135-73d8d5bc,
    "BackupStatus": "CREATING",
    "BackupCreationDateTime": 1456781290.135
    }
}

Restoring a DynamoDB Table from a Backup

Follow the below steps to restore a dynamo DB table from backup:

  • Firstly log in to AWS Management Console and open DynamoDB.
  • On the left side of the console, choose "Backups".
  • Now choose your source table name.
  • Choose "Restore" and fill in your basic new table details.
  • Click on "Restore table" to start the restore process.

Output:

aws dynamodb restore-table-from-backup \
--target-table-name WebSeries\
--backup-arn arn:aws: dynamodb:us-east-1:123456789012: table/Music/backup/01581881483719-db9c1f91
--global-secondary-index-override '[]' \
--sse-specification-override Enabled=true, SSEType=KMS

Deleting a DynamoDB Table Backup: 

Follow the below steps to delete a DynamoDB table backup:

  • Firstly log in to AWS Management Console and open DynamoDB.
  • On the left side of the console, choose "Backups".
  • Now choose your source table name.
  • Select "Delete" and confirm it by typing "delete".

Output:

aws dynamodb delete-backup \
--backup-arn arn:aws: dynamodb:us-east-1:123456789012: table/Music/backup/01489602797149-73d8d5bc

Using IAM with DynamoDB Backup and Restore:

Users can easily use AWS Identity and Access Management (IAM) only when the data which need to be backup are in the same AWS account.

Example 1: Permit the "CreateBackup" and "RestoreTableFromBackup":- Grant the access in both actions.

{
    "Version": "2022-02-23",
    "Statement": [
        {
        "Effect": "Allow",
        "Action": [
            "dynamodb: CreateBackup",
            "dynamodb: Restore Table FromBackup",
            "dynamodb: PutItem",
            "dynamodb:UpdateItem",
            "dynamodb: DeleteItem",
            "dynamodb: GetItem",
            "dynamodb:Query",
            "dynamodb: Scan",
            "dynamodb: BatchWriteItem"
            ],            
        "Resource": "arn:aws:dynamodb:us-east-1:123456789012: table/WebSeries"
        }
    ]
}

Pricing Models

  1. PITR: Charged based on the size of the table per month (approx. $0.20 per GB-month).
  2. On-Demand Storage: Charged for the total size of all backups (approx. $0.10 per GB-month).
  3. Restore Costs: You are charged by the GB for the amount of data restored.

Cost Tip: If you use AWS Backup, you can move older backups to "Cold Storage" tiers to save significantly on costs for data you rarely access.

Best Practices

  1. Always Enable PITR: For production tables, the cost is negligible compared to the safety of being able to rewind to any second.
  2. Use AWS Backup for Compliance: Don't write custom scripts to trigger On-Demand backups. Use AWS Backup policies to handle schedules and retention (e.g., "Daily backup, keep for 30 days").
  3. Test Restores: Regularly test restoring a table to ensure your IAM permissions and recovery time objectives (RTO) are met.

S

shubhambhugra234
Improve
Article Tags :

Explore

Lightbox