Ensure that your Amazon DynamoDB tables are using the on-demand backup and restore feature for data protection and archival purposes, and help you meet regulatory requirements within your organization. Along with data, Global Secondary Indexes (GSIs), Local Secondary Indexes (LSIs), streams and provisioned read/write capacity are also included in the table backups. The backup/restore process does not consume any provisioned capacity and has no impact on the performance and availability of your DynamoDB applications.
This rule resolution is part of the Conformity Security & Compliance tool for AWS.
With Amazon DynamoDB on-demand backup and restore functionality you can protect your DynamoDB data from loss due to application errors and retain it for regulatory compliance purposes.
Audit
To determine if your Amazon DynamoDB tables are using the on-demand backup and restore functionality to perform data backups, perform the following actions:
Remediation / Resolution
To make use of Amazon DynamoDB On-Demand Backup and Restore functionality, you need to create full table backups and restore them when needed. The following section demonstrates how to create and restore an existing table in order to use the on-demand backup and restore feature:
References
- AWS Documentation
- FAQs
- Backup and Restore
- On-Demand Backup and Restore for DynamoDB
- Backup and Restore: How It Works
- Backing Up a DynamoDB Table
- Restoring a DynamoDB Table from a Backup
- Point-in-time recovery: How it works
- AWS Command Line Interface (CLI) Documentation
- list-tables
- describe-table
- list-recovery-points-by-resource
- create-backup
- restore-table-from-backup
- AWS Blog(s)
- AWS Launches Amazon DynamoDB Backup and Restore
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
DynamoDB Backup and Restore
Risk Level: High