Do I have to sanitize user supplied input before I query DynamoDB or does DynamoDB handle sanitization itself ? (or through it's respective SDKs like through boto3)
As an example, this is possible in MongoDB (also a NoSQL database)
function() { return obj.credits—obj.debits < 0;var date=new Date(); do{curDate = new Date();}while(curDate-date<10000); }
I already found some techniques used here:
It's not clear what are you trying to guard against? Strings are limited to 400kb limit, from a DDB perspective that's all to worry about.
DynamoDB does not execute code with user defined functions or anything so there's no risk of injection threats to execute server side code.