[DynamoDB.2]
DynamoDB tables should have point-in-time recovery enabled
Description
All DynamoDB tables should have Point-in-Time Recovery (PITR) enabled. PITR creates backups of data for a quicker recovery from a security incident. A DynamoDB table with PITR enabled can be restored to any point in the last 35 days. To make this rule COMPLIANT, you must enable PITR for all tables in DynamoDB.
Details
| Property | Value |
|---|---|
| Category | Recover > Resilience > Backups enabled |
| Compliance Control ID | DynamoDB.2 |
| FortifyFox ID | FF100054 |
| Link | DynamoDB.2 Compliance |
| Resource Type(s) | AWS::DynamoDB::Table |
| Severity | Medium |
Remediation
Use the following CloudFormation templates to deploy a DynamoDB table compliant with DynamoDB.2.
YAML Template
```yaml
Resources:
  dynamoTable:
    Type: AWS::DynamoDB::Table
    Properties:
      PointInTimeRecoverySpecification:
        PointInTimeRecoveryEnabled: true
```
JSON Template
```json
{
  "Resources": {
    "dynamoTable": {
      "Type": "AWS::DynamoDB::Table",
      "Properties": {
        "PointInTimeRecoverySpecification": {
          "PointInTimeRecoveryEnabled": true
        }
      }
    }
  }
}
```