AWS DynamoDB Audit

Your AWS DynamoDB holds data of your customer and it needs to be safeguarded.

What we do?

AWS DynamoDB Tables Should Use KMS CMKs for Encryption

Amazon DynamoDB tables should be using AWS-managed Customer Master Keys (CMKs) instead of AWS-owned CMKs for Server-Side Encryption (SSE), in order to meet strict encryption compliance and regulatory requirements. DynamoDB supports to switch from AWS-owned CMKs to customer-managed CMKs managed using Amazon Key Management Service (KMS), without any code to encrypt the data.

DynamoDB Tables Should Have Autoscaling Enabled

Amazon DynamoDB Auto Scaling feature should be enabled to dynamically adjust provisioned throughput (read and write) capacity for your tables and global secondary indexes. This can make it easier to administer your DynamoDB data, help you maximize your application availability and reduce your DynamoDB costs.

DynamoDB Tables Should Have Continuous Backup Enabled

DynamoDB table without backup can result in accidental data loss. Your AWS DynamoDB tables should make use of Point-in-time Recovery (PITR) feature in order to automatically take continuous backups of your DynamoDB data.

VPC Endpoint Should Be Enabled For DynamoDB

A VPC endpoint for DynamoDB enables Amazon EC2 instances in your VPC to use their private IP addresses to access DynamoDB with no exposure to the public internet. Your EC2 instances do not require public IP addresses, and you do not need an internet gateway, a NAT device, or a virtual private gateway in your VPC.

AWS Account Should Not Have Any Unused DynamoDB Tables

Any unused Amazon DynamoDB tables available within your AWS account should be removed to help lower the cost of your monthly AWS bill.


Not ready for a free signup yet? No worries!

We suggest you use the checklist!

If you are not yet convinced to sign up with Cloudanix, that's not a problem. We recommend you use a comprehensive checklist which your team can use to perform a manual assessment of your workload.