Storage: add support for AWS DynamoDB
What would you like to be added
Add support for a DynamoDB storage backend. Although MySQL is available, it would require running an RDS instance for it. Extra costs, backup considerations, etc. Even with Aurora Serverless.
DynamoDB is just there, scales as needed with OnDemand pricing and has fine backup capabilities.
Why this is needed
We plan to run step-ca in AWS ECS on Fargate and with KMS, so we prefer to use DynamoDB as storage backend too.
Hi @EmiiKhaos, it would be nice to have DynamoDB as a backend. Our current plan for the storage backend is to add support for "structured" SQL (with tables, columns, ...) for MySQL and PostgreSQL. I'm gonna add this to our backlog. But we will gladly welcome a contribution from the community for something like this.
The implementation that I see as most obvious would be to write the DB interface available at https://github.com/smallstep/nosql/blob/master/database/database.go#L90-L113
Would you be able to take the challenge?
I started working on this, but I ran into what seems to me to be a blocker - DynamoDB doesn't have the level of support for transactions that the DB interface's Update function requires. You can group read operations with TransactGetItems and you can group write operations with TransactWriteItems, but you can't group read and write operations together, and transactions aren't supported at all for creating and deleting tables. See here: https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/transactions.html.
Assuming that full support for transactions is important, should this issue just be closed?
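The limitation raised in the last comment, as an added example that is not part of the thread and is not step-ca or nosql code: a constructed in-memory Go model of a write-only transaction with per-item conditions, showing how a read-then-write update can be layered on it with optimistic retries. The `store`, `write`, `transactWrite` and `move` names are hypothetical, and the `ver` field is an assumption standing in for an attribute that a DynamoDB write condition would compare.

```go
package main

import (
	"errors"
	"fmt"
)

// Constructed in-memory model; not the AWS SDK or smallstep/nosql.
// ver stands in for an attribute a write condition would compare.
type item struct{ val, ver int }
type store map[string]item

// write is one element of an all-or-nothing write group.
type write struct {
	key          string
	val, wantVer int // wantVer: version seen when the key was read
}

var errConflict = errors.New("condition failed, nothing written")

// transactWrite checks every condition first and applies no write
// unless all of them hold.
func (s store) transactWrite(ws []write) error {
	for _, w := range ws {
		if s[w.key].ver != w.wantVer {
			return errConflict
		}
	}
	for _, w := range ws {
		s[w.key] = item{w.val, w.wantVer + 1}
	}
	return nil
}

// move is a read-then-write update layered on top: read, derive the
// writes, commit conditionally, retry from the read on conflict.
// afterRead is a hook for simulating a concurrent writer.
func move(s store, from, to string, n int, afterRead func()) (int, error) {
	for try := 1; try <= 3; try++ {
		a, b := s[from], s[to] // reads happen outside the write group
		if afterRead != nil {
			afterRead()
		}
		ws := []write{{from, a.val - n, a.ver}, {to, b.val + n, b.ver}}
		if s.transactWrite(ws) == nil {
			return try, nil
		}
	}
	return 3, errConflict
}

func main() {
	s := store{"a": {10, 1}, "b": {0, 1}}
	tries, err := move(s, "a", "b", 4, nil)
	fmt.Println(tries, err, s["a"].val, s["b"].val)
}
```

The model covers only item writes; table creation and deletion, which the comment notes are outside transactions entirely, are not addressed by it.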