I encrypted records using DynamoDB Encryption Client (Item Encryptor) (Lib Link). Now I want to decrypt it. I've read the docs and GitHub page, there is no example so it's really hard to figure out what part I got wrong.
This is the "NewImage" from DynamoDB event. The key is "ID". DynamoDB Stream Record
I've tried:
- Using
decrypt_dynamodb_item
-> not working
"errorMessage": "Invalid material description",
"errorType": "InvalidMaterialDescriptionError",
- Convert the "NewImage" to ddb type using
ddb_to_dict
then usingdecrypt_dynamodb_item
-> not working
"errorMessage": "Value must be of the following types: <class 'bytearray'>, <class 'bytes'>.",
"errorType": "TypeError",
- Get the record directly from the table using
get_item
(instead of using the DynamoDB Stream event) and decrypt it usingdecrypt_python_item
. And, it worked -> So I'm pretty sure mycryto_config
is right. The record configuration which I get directly from the table: DynamoDB Get_Item Record
Do anyone know how to decrypt DynamoDB Stream using DynamoDB Encryption Client. Thanks!
I had a similar issue. I was able to get the item when I called query() using DDB Mapper but was not able to do so using marshallIntoObject() on the DynamoDB stream.
The issue was that the binary attributes in the Dynamo DB stream are encoded in Base64. They need to be decoded first before being passed to the API.