Configuring DynamoDB for DSR Automation
With the Transcend DynamoDB integration, you can fullfil DSRs directly against a DynamoDB database by running custom PartiQL queries for the desired data actions on each datapoint.
The first step to setting up DSRs against a DynamoDB database is creating the datapoints in the data silo that should be queried. We typically recommend creating a datapoint for each table in the database that stores personal data (or any tables you want to action DSRs against). For example, let's say there is a table called Conversations that contains all the messages sent back and forth from a customer. You could create a datapoint for Conversations in the data silo and enable the specific data actions needed. If you're using Structured Discovery, you can enable the Datapoint Schema Discovery plugin to create the datapoints for you automatically.
For each data action enabled for a datapoint in the DynamoDb data silo, you can define a PartiQL query that will execute a database operation. Using the previous Conversations example, let's say you want to enable the datapoint to support access requests. With the “access” data action enabled, you can define a specific query that executes the request to find the Conversation for a user against the database.
For example, assuming the Conversation table has an email attribute, a custom query could be
SELECT * from "Conversation" where email = ?
When fulfilling a DSR for a given user, Trascend will replace all ?
characters in the query by the actual identifier of the user.
Important: as explained in the Connecting the Integration section of the _AWS Integration Connection Guide section above, you must add the necessary permissions to the role you created, depending on which PartiQL operations you are executing.