Read-only AWS access for DynamoDB cost analysis
Learn how Dynasight uses read-only AWS access for DynamoDB monitoring and cost optimization without automatically changing tables.
What AWS access does Dynasight need?
Dynasight is designed around read-only AWS access. The product analyzes DynamoDB tables, indexes, capacity, and workload signals so teams can review findings without granting automatic write permissions.
- Use read-only IAM access for analysis.
- Keep table changes under your engineering team's control.
- Separate monitoring and recommendation workflows from production writes.
Access model
Dynasight can look, but it should not be able to change tables
A DynamoDB cost optimization tool should not need broad write permissions to identify waste. Dynasight's positioning is intentionally read-only: analyze the account, generate findings, and let your team decide what to change.
- No automatic DynamoDB table changes.
- No automatic GSI deletions.
- No automatic capacity setting changes.
- Findings are recommendations for engineering review.
What teams should document internally
Keep the IAM role purpose, permissions, owner, rotation process, and review cadence visible in your cloud security process. Dynasight can support a safer workflow, but your AWS governance still matters.
FAQ
Common questions
Does Dynasight need write access?
No. Dynasight is positioned around read-only AWS analysis and does not automatically change DynamoDB tables.
Can Dynasight delete a GSI?
No. Dynasight can flag an unused GSI candidate for review, but the engineering team controls any index changes.
Is read-only access enough for cost analysis?
Yes for analysis and recommendation workflows. Remediation remains a separate engineering action.
Keep exploring
Related DynamoDB optimization topics
Dynasight
Find DynamoDB waste before it becomes normal.
Connect read-only AWS access and turn DynamoDB cost, monitoring, and table design signals into prioritized engineering actions.