The setup did not mention it, but the AWS elastic beanstalk role (aws-elasticbeanstalk-ec2-role) needed a DynamoDB access policy in order to create users. Once I added the AmazonDynamoDBFullAccess (some smaller/more restrictive policy would probably work), the app was able to create the Dynamo tables needed to write users into.
This was not obvious until inspecting the log files from the application server that beanstalk launched.
The setup did not mention it, but the AWS elastic beanstalk role (aws-elasticbeanstalk-ec2-role) needed a DynamoDB access policy in order to create users. Once I added the AmazonDynamoDBFullAccess (some smaller/more restrictive policy would probably work), the app was able to create the Dynamo tables needed to write users into.
This was not obvious until inspecting the log files from the application server that beanstalk launched.