DynamoDB Time to Live – TTL enables a per-item timestamp to determine when an item is no longer needed.
After the date and time of the specified timestamp, DynamoDB deletes the item from the table without consuming any write throughput.
DynamoDB TTL is provided at no extra cost and can help reduce data storage by retaining only required data.
Items that are deleted from the table are also removed from any local secondary index and global secondary index in the same way as a DeleteItem operation.
Expired items are typically deleted within a few days of their expiration time (DynamoDB documentation states items are typically deleted within two days of expiration).
Items with valid, expired TTL attributes may be deleted by the system at any time after expiration. You can still update expired items that are pending deletion, including changing or removing their TTL attributes.
DynamoDB Streams tracks the TTL delete operation as a system delete (service deletion), not a regular user delete. The streams record contains userIdentity.type: "Service" and userIdentity.principalId: "dynamodb.amazonaws.com".
TTL deletions can be identified in DynamoDB Streams only in the Region where the deletion occurred. TTL deletions replicated to global table replica regions are not identifiable in DynamoDB Streams in those replica regions.
TTL requirements
TTL attributes must use the Number data type. Other data types, such as String, are not supported and will be ignored by the TTL process.
TTL attributes must use the Unix epoch time format (seconds granularity). Ensure the timestamp is in seconds, not milliseconds.
TTL is useful if the stored items lose relevance after a specific time. for e.g.
Remove user or sensor data after a year of inactivity in an application
Archive expired items to an S3 data lake via DynamoDB Streams and AWS Lambda.
Retain sensitive data for a certain amount of time according to contractual or regulatory obligations.
Manage session data, temporary tokens, or short-lived cache entries.
TTL Best Practices
Use filter expressions in Scan and Query operations to exclude expired items that are pending deletion, as they still appear in read results until physically removed.
Use condition expressions to avoid writing to expired items that are pending deletion.
Expired items still count towards storage and read costs until they are physically deleted by the background process.
For Global Tables (version 2019.11.21), DynamoDB replicates TTL deletes to all replica tables. The initial TTL delete does not consume WCU in the region where expiry occurs, but replicated TTL deletes consume a replicated Write Capacity Unit (provisioned) or Replicated Write Unit (on-demand) in each replica region.
TTL will continue to process deletions for approximately 30 minutes after it is disabled on a table.
Near Real-Time Data Eviction (Alternative Patterns)
DynamoDB’s native TTL deletes items within a few days (typically within two days), which may not suit time-sensitive use cases.
For applications requiring near real-time data eviction (less than one minute), consider using Amazon EventBridge Scheduler in combination with DynamoDB to schedule precise deletions.
Another pattern uses a purpose-built Global Secondary Index (GSI) for strict data management and precise eviction control.
These event-driven architecture patterns can reduce deletion latency from days to under one minute but require additional infrastructure.
AWS Certification Exam Practice Questions
Questions are collected from Internet and the answers are marked as per my knowledge and understanding (which might differ with yours).
AWS services are updated everyday and both the answers and questions might be outdated soon, so research accordingly.
AWS exam questions are not updated to keep up the pace with AWS updates, so even if the underlying feature has changed the question might not be updated
Open to further feedback, discussion and correction.
A company developed an application by using AWS Lambda and
Amazon DynamoDB. The Lambda function periodically pulls data from the company’s S3 bucket based on date and time tags and inserts specific values into a DynamoDB table for further processing. The company must remove data that is older than 30 days from the DynamoDB table. Which solution will meet this requirement with the MOST operational efficiency?
Update the Lambda function to add the Version attribute in the DynamoDB table. Enable TTL on the DynamoDB table to expire entries that are older than 30 days based on the TTL attribute.
Update the Lambda function to add the TTL attribute in the DynamoDB table. Enable TTL on the DynamoDB table to expire entries that are older than 30 days based on the TTL attribute.
Use AWS Step Functions to delete entries that are older than 30 days.
Use EventBridge to schedule the Lambda function to delete entries that are older than 30 days.
A company stores session data in a DynamoDB table. Each session must be automatically removed exactly when it expires, with no tolerance for delay. The application requires sub-minute deletion precision. Which approach provides the MOST precise deletion timing?
Enable DynamoDB TTL on the session table with the expiration timestamp attribute.
Use a scheduled Lambda function running every minute to scan and delete expired items.
Use Amazon EventBridge Scheduler to schedule individual delete operations for each session at its exact expiration time.
Create a DynamoDB Stream with a Lambda function to delete items when they are marked as expired.
A developer is implementing DynamoDB TTL for a global table replicated across three regions. Which statement correctly describes how TTL deletions are handled in global tables?
TTL deletions consume Write Capacity Units in all regions including the region where expiry occurs.
The initial TTL delete does not consume WCU in the region where expiry occurs, but replicated deletes consume replicated Write Capacity Units in each replica region.
TTL deletions are not replicated to other regions and must be handled separately in each region.
TTL deletions consume no capacity in any region as they are system operations.