When running inside AWS Lambda, you typically should not provide AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY manually. Lambda automatically assumes an IAM role that provides credentials.

const AWS = require("aws-sdk");

AWS.config.update({
  region: process.env.AWS_REGION,
});

const docClient = new AWS.DynamoDB.DocumentClient();

module.exports.DynamoDB = new AWS.DynamoDB();

module.exports.docClient = docClient;