This chapter covers DynamoDB Time to Live (TTL), a feature that automatically expires and deletes items after a specified timestamp. TTL is a critical tool for managing data lifecycle, reducing storage costs, and complying with data retention policies. On the DVA-C02 exam, TTL appears in roughly 5-8% of questions, often in scenarios involving session management, log expiration, or regulatory compliance. Understanding TTL's precise mechanism, its interaction with streams and backups, and its common misconfigurations is essential for scoring well.
Jump to a section
Imagine a public library with millions of books. Each book has a due date stamped on its checkout card. The library doesn't have staff constantly checking shelves for overdue books — that would be too slow and expensive. Instead, every night at midnight, a robotic cart scans the shelves. It only looks at books whose due date is earlier than today's date. When it finds one, it picks up the book and moves it to a 'returned' bin in the back room. The book is no longer on the shelf for patrons to browse, but it still exists in the library's inventory system for a few days before being permanently recycled. Patrons never see the book after the due date passes, because the cart removes it from the active collection promptly. The key is that the library doesn't delete the book immediately at the exact due date — there's a small grace period (a few hours) before the cart runs its sweep. Also, if a book's due date is in the future, the cart ignores it entirely. This is exactly how DynamoDB TTL works: items have a timestamp attribute (the due date), DynamoDB's background process (the cart) periodically scans for expired items, marks them as expired (moves to the 'returned' bin), and then a separate garbage collection process permanently deletes them within the next 48 hours. The TTL process does not consume read/write capacity, just like the cart doesn't use library staff time.
What is DynamoDB TTL?
DynamoDB Time to Live (TTL) is a feature that automatically deletes items from a table after a specified expiration timestamp. It is designed to help you manage the lifecycle of your data without requiring custom code or scheduled jobs to delete old items. TTL is particularly useful for:
Session management: automatically removing expired user sessions.
Event logging: deleting log entries older than a retention period.
IoT data: expiring stale sensor readings.
Compliance: ensuring data is deleted after a legally mandated period.
How TTL Works Internally
TTL operates as a background process on each DynamoDB table partition. You enable TTL by specifying an attribute name that will hold the expiration timestamp. The attribute must store a Unix epoch timestamp in seconds (i.e., the number of seconds since January 1, 1970, 00:00:00 UTC).
Once enabled, DynamoDB performs two main actions: 1. Expiration marking: Within approximately 48 hours after the expiration timestamp passes, DynamoDB's background process scans the partition for items with an expired TTL attribute. When it finds one, it marks the item as expired and removes it from the query and scan results. The item is no longer visible to read operations (GetItem, Query, Scan) after this point. However, the item still physically exists on disk for a short period. 2. Permanent deletion: After an item is marked expired, DynamoDB schedules its permanent deletion. This deletion typically completes within 48 hours of the expiration timestamp, but the exact timing is not guaranteed. The deletion consumes no write capacity units (WCU) because it is handled internally by DynamoDB.
Key Components, Values, and Defaults
TTL attribute: The name of the attribute that stores the expiration timestamp. You specify this when enabling TTL on a table. The attribute must exist on items you want to expire; items without this attribute are never expired.
Timestamp format: Must be a number (or a string that can be parsed as a number) representing Unix epoch time in seconds. For example, 1672531199 for December 31, 2022, 23:59:59 UTC. Using milliseconds or any other format will cause the item to never expire.
Expiration delay: The time between when an item's TTL timestamp passes and when it is actually deleted is up to 48 hours. This is not configurable. DynamoDB aims to delete expired items promptly, but you should not rely on exact timing.
No cost: TTL expiration and deletion do not consume any read or write capacity. The background process is free.
Interaction with DynamoDB Streams: When an item is deleted by TTL, a stream record is generated with the event type REMOVE. This record appears in the stream within approximately 48 hours of expiration. You can use Lambda triggers to process these deletions (e.g., archive data before deletion).
Interaction with Global Tables: TTL works with global tables. Expired items are deleted independently in each region.
Interaction with backups: TTL deletions are included in on-demand backups and point-in-time recovery (PITR). If you restore a backup taken after TTL deletion, the deleted items will not be present. If you restore a backup taken before deletion, the items will be present (and will be expired again after restoration if TTL is still enabled).
Interaction with transactions: TTL does not interact with transactions. Expired items can still be part of a transaction if the transaction reads before the expiration marking, but this is unlikely in practice.
Configuring TTL
You can enable TTL using the AWS Management Console, AWS CLI, or SDK. The attribute name must be specified at enablement time; you cannot change it later without disabling and re-enabling TTL.
AWS CLI example:
aws dynamodb update-time-to-live \
--table-name MyTable \
--time-to-live-specification Enabled=true,AttributeName=expiryTo verify TTL status:
aws dynamodb describe-time-to-live --table-name MyTableOutput:
{
"TimeToLiveDescription": {
"TimeToLiveStatus": "ENABLED",
"AttributeName": "expiry"
}
}How to Set the TTL Attribute
When writing an item, you set the TTL attribute to a Unix epoch timestamp in seconds. For example, in Python using boto3:
import time
ttl = int(time.time()) + 3600 # expire in 1 hour
table.put_item(
Item={
'session_id': 'abc123',
'data': '...',
'expiry': ttl
}
)Monitoring TTL
You can monitor TTL deletions using Amazon CloudWatch metrics. DynamoDB emits the following metrics:
- TimeToLiveDeletedItemCount: The number of items deleted by TTL in a given period.
- TimeToLiveExpiredItemCount: The number of items marked as expired by TTL (available in some regions).
These metrics are aggregated at the table level, not per partition.
Best Practices
Always use Unix epoch seconds for the TTL attribute. Avoid using string timestamps like '2023-12-31T23:59:59Z' as they will not work.
Do not rely on TTL for immediate deletion. If you need precise control over deletion timing, implement a custom solution using a scheduled Lambda function.
When using TTL with DynamoDB Streams, be aware that the stream record for a TTL deletion has a userIdentity field set to {"type": "Service", "principalId": "dynamodb.amazonaws.com"}. This distinguishes TTL deletions from application-initiated deletions.
If you need to archive expired data, use a Lambda function triggered by the DynamoDB stream to copy the item to S3 or another storage before it is deleted.
For tables with autoscaling, TTL deletions do not affect provisioned throughput, so they are safe to use without impacting performance.
Common Pitfalls
Incorrect timestamp format: Using milliseconds instead of seconds, or using a string that is not parseable as a number, will cause items to never expire.
Missing TTL attribute: If an item does not have the TTL attribute, it will never be expired, even if other items in the same table have it.
Assuming immediate deletion: The up-to-48-hour delay can cause issues if you expect data to be removed instantly.
Using TTL for data that must be retained: TTL is not reversible. Once an item is deleted, it cannot be recovered unless you have a backup.
TTL and Security
TTL does not affect IAM permissions. Any user with permission to write to the table can set the TTL attribute. However, the deletion itself is performed by DynamoDB service, not by any user. You cannot prevent TTL from deleting an item once its timestamp has passed, except by updating the TTL attribute to a future time before it is marked as expired.
TTL and Capacity
TTL deletions do not consume WCU. However, updating an item's TTL attribute (e.g., to extend its life) does consume write capacity. The background marking and deletion are free.
Enable TTL on Table
You enable TTL on a DynamoDB table by specifying the attribute name that will store the expiration timestamp. This is done via the AWS Management Console, CLI, or SDK. Once enabled, DynamoDB begins scanning partitions for items with that attribute. The attribute must be a Number type containing a Unix epoch timestamp in seconds. The table's TTL status changes from 'ENABLING' to 'ENABLED' within minutes. During this time, no TTL deletions occur.
Item Written with TTL Attribute
When you write an item to the table, you set the TTL attribute to a future timestamp. This timestamp is the time at which you want the item to expire. For example, `expiry: 1672531199`. The item is stored normally and is immediately visible to all read operations. The TTL attribute is just another attribute; it does not affect the item's behavior until the timestamp passes.
Background Scan for Expired Items
DynamoDB runs a background process on each partition that periodically scans items to check if their TTL attribute is less than the current time (in seconds since epoch). This scan happens approximately every few hours but is not guaranteed at a specific interval. The scan does not consume read capacity units (RCU) because it is internal. When an expired item is found, it is marked for deletion.
Item Marked as Expired
Once an item's TTL timestamp is in the past, DynamoDB marks it as expired. After this marking, the item is no longer returned in any read operations (GetItem, Query, Scan). However, the item still exists on disk and consumes storage. This marking is atomic and happens quickly. The item is effectively invisible to applications from this point onward.
Permanent Deletion of Expired Item
Within approximately 48 hours of the expiration timestamp, DynamoDB permanently deletes the expired item from storage. This deletion is asynchronous and consumes no WCU. After deletion, the item is gone and cannot be recovered unless you have a backup. The deletion also generates a stream record if DynamoDB Streams is enabled on the table.
Enterprise Scenario 1: Session Management for a Web Application
A large e-commerce platform uses DynamoDB to store user sessions. Each session has a TTL of 24 hours from the last activity. The application updates the TTL attribute on every user action. When a user logs out, the TTL is set to the current time to force immediate expiration. The TTL background process ensures that stale sessions are automatically cleaned up without a custom garbage collector. This saves significant storage costs (millions of sessions per day) and eliminates the need for a scheduled job. The team monitors TimeToLiveDeletedItemCount to ensure the process is working. A common issue is that if the application fails to update the TTL on user activity, sessions expire prematurely, causing users to be logged out. To mitigate, the team uses a Lambda function triggered by DynamoDB Streams to archive sessions before deletion for audit purposes.
Enterprise Scenario 2: IoT Sensor Data Expiration
A smart agriculture company collects temperature and humidity readings from thousands of sensors every minute. They store the data in DynamoDB with a TTL of 30 days. After 30 days, the data is automatically deleted. This helps comply with data retention policies and reduces storage costs. The TTL attribute is set to current_time + 30 days when writing each record. The company also uses DynamoDB Streams to feed a Lambda function that copies expired data to Amazon S3 for long-term archival before deletion. A misconfiguration occurred when the development team mistakenly used milliseconds instead of seconds for the TTL timestamp, causing items to never expire. The storage costs skyrocketed until the issue was discovered by monitoring TimeToLiveDeletedItemCount being zero.
Enterprise Scenario 3: Regulatory Compliance for Financial Records
A financial services firm must retain transaction records for 7 years and then delete them. They use DynamoDB TTL with a TTL attribute set to 7 years from the transaction date. However, because TTL deletion can take up to 48 hours, they cannot rely on it for exact deletion at the 7-year mark. Instead, they use TTL as a safety net and run a quarterly Lambda function to explicitly delete records that are exactly 7 years old. The TTL ensures that even if the Lambda fails, old records are eventually removed. The firm also enables point-in-time recovery (PITR) to recover accidentally deleted data. They learned that TTL deletions are included in backups, so restoring a backup taken after deletion means the data is permanently gone.
What DVA-C02 Tests on TTL
The DVA-C02 exam tests your understanding of DynamoDB TTL under the 'Development with AWS Services' domain. Specific objectives include:
Implementing data lifecycle management using TTL.
Understanding TTL's interaction with DynamoDB Streams and Lambda.
Knowing the timestamp format (Unix epoch seconds).
Recognizing the 48-hour deletion window.
Identifying scenarios where TTL is appropriate vs. not.
Common Wrong Answers and Why Candidates Choose Them
'TTL deletes items immediately when the timestamp passes.' Candidates assume real-time deletion because the word 'expire' suggests instant action. The reality is a background process with up to 48-hour delay.
'TTL consumes write capacity units for deletions.' Candidates confuse TTL with normal writes. TTL deletions are free and don't consume WCU.
'You can use any date format for the TTL attribute.' Candidates think any timestamp works. The exam tests that only Unix epoch seconds are valid.
'TTL prevents reading expired items before deletion.' Actually, items are hidden from reads as soon as they are marked expired, which happens shortly after the timestamp passes, but not immediately.
'TTL works with Global Tables and replicates deletions instantly.' Deletions happen independently per region; replication is eventual.
Specific Numbers and Terms on the Exam
48 hours: The maximum time between expiration and deletion.
Unix epoch seconds: The required timestamp format.
TimeToLiveDeletedItemCount: The CloudWatch metric to monitor.
REMOVE event type: The stream event for TTL deletions.
userIdentity: {"type": "Service", "principalId": "dynamodb.amazonaws.com"} in stream records.
Edge Cases and Exceptions
If you update an item's TTL attribute to a past time, it will be expired on the next background scan.
If you delete the TTL attribute from an item, the item will never expire.
If you disable TTL, items that were already marked as expired will still be deleted, but no new items will be expired.
TTL does not work with the TimeToLiveSpecification if the attribute is not a Number type.
How to Eliminate Wrong Answers
If an answer says 'immediately,' it's likely wrong.
If an answer mentions 'consumes capacity,' it's wrong.
If an answer uses a timestamp format other than seconds, it's wrong.
If an answer says TTL guarantees deletion at a specific time, it's wrong.
Look for 'background process' and 'up to 48 hours' as correct phrasing.
TTL attribute must be a Number with Unix epoch timestamp in seconds.
Expired items are hidden from reads shortly after expiration, but deletion can take up to 48 hours.
TTL deletions do not consume read or write capacity units.
DynamoDB Streams records for TTL deletions have userIdentity set to 'dynamodb.amazonaws.com'.
Monitor TimeToLiveDeletedItemCount CloudWatch metric to verify TTL is working.
TTL is not suitable for scenarios requiring immediate or precisely timed deletion.
Disabling TTL does not restore already expired items; they will still be deleted.
These come up on the exam all the time. Here's how to tell them apart.
DynamoDB TTL
No custom code required for deletion logic.
Deletion is asynchronous with up to 48-hour delay.
No cost for deletion operations.
Cannot control exact deletion timing.
Integrated with DynamoDB Streams automatically.
Custom Scheduled Deletion (Lambda + CloudWatch)
Requires writing and maintaining Lambda function.
Deletion can be scheduled at precise intervals (e.g., every hour).
Lambda invocations and writes consume capacity and incur costs.
Full control over deletion logic and timing.
Must manually handle stream processing if needed.
Mistake
TTL deletes items exactly at the specified timestamp.
Correct
TTL marks items as expired after the timestamp passes, but actual deletion occurs within 48 hours. The item becomes invisible to reads soon after expiration, but not necessarily at the exact second.
Mistake
TTL deletions consume write capacity units.
Correct
TTL deletions are performed by DynamoDB's internal background process and do not consume any provisioned throughput. They are free of charge.
Mistake
You can use any date-time format for the TTL attribute.
Correct
The TTL attribute must be a Number containing a Unix epoch timestamp in seconds. Using strings or milliseconds will cause the item to never expire.
Mistake
TTL works with DynamoDB Accelerator (DAX) seamlessly.
Correct
DAX caches items independently. Expired items may still be served from the cache until the cache TTL expires. TTL does not invalidate DAX cache entries.
Mistake
Once TTL is enabled, you can change the attribute name anytime.
Correct
You cannot change the TTL attribute name without disabling and re-enabling TTL. Disabling TTL may cause items already marked for deletion to still be deleted.
Reveal each answer, then mark whether you got it right. Score 60%+ to unlock the next chapter.
The maximum time is 48 hours. DynamoDB aims to delete expired items promptly, but the exact timing is not guaranteed. Items are typically removed within a few hours, but you should not rely on a specific window. This delay is because TTL uses a background scan process that runs periodically on each partition.
Yes. When an item is deleted by TTL, a stream record is generated with the event type 'REMOVE'. The record includes a userIdentity field set to {"type": "Service", "principalId": "dynamodb.amazonaws.com"} to indicate the deletion was performed by the TTL process. You can use a Lambda trigger to process these records, for example to archive data before deletion.
Not directly. Once an item is permanently deleted by TTL, it cannot be recovered unless you have a backup (on-demand or point-in-time recovery). If you restore a backup taken before the deletion, the item will be present. However, if TTL is still enabled, the item will be expired again after restoration. To prevent re-expiration, disable TTL before restoring.
If you set the TTL attribute to a timestamp that is in the past, DynamoDB will consider the item expired on the next background scan. The item will be marked as expired and eventually deleted. This can be used to manually expire items by setting their TTL to a past time.
Yes, TTL works with Global Tables. Each region independently manages TTL for its replicas. Expired items are deleted in each region according to the local TTL process. There is no cross-region coordination. Stream records for TTL deletions are generated in each region where the deletion occurs.
Yes. TTL deletions do not consume any provisioned throughput, so they do not affect autoscaling decisions. However, if you are updating the TTL attribute on items (e.g., extending sessions), those writes do consume capacity and can trigger scaling.
Use the CloudWatch metric 'TimeToLiveDeletedItemCount' for the table. This metric shows the number of items deleted by TTL over a period. You can also view 'TimeToLiveExpiredItemCount' in some regions. Set an alarm if the count drops to zero unexpectedly, which may indicate a misconfiguration.
You've just covered DynamoDB TTL and Item Expiration — now see how well it sticks with free DVA-C02 practice questions. Full explanations included, no account needed.
Done with this chapter?