It is possible to Access AWS DynamoDB streams accross accounts?

Question

My company manages AWS using a multi-account system. I have a lambda function in account A and a DynamoDB table with a Stream enabled in account B. I want the stream events

Answer 1

Since DynamoDB is using Kinesis in the backend for its streams, you can't create a cross-account event source mapping between DynamoDB table and lambda.

This is documented in the following blog post from AWS:

How do I invoke my Lambda function using a cross-account Kinesis stream?

Lambda doesn't currently support cross-account triggers from Kinesis or any stream-based sources.

The blog post also provides a workaround:

As a workaround, you can use a "poller" Lambda function in the same account as the Kinesis stream (account A) to invoke a "processor" Lambda function in the other account (account B).

Answer 2

Unfortunately, no.

From AWS docs:

"Important

You must create a DynamoDB table in the same region where you created the Lambda function. This tutorial assumes the US East (N. Virginia) region. In addition, both the table and the Lambda functions must belong to the same AWS account."

(emphasis added)

Reference: http://docs.aws.amazon.com/lambda/latest/dg/with-ddb-configure-ddb.html