Rule: DynamoDB Table Point-in-Time Recovery Enabled

Check if DynamoDB table point-in-time recovery is enabled for compliance.

Rule: DynamoDB table point-in-time recovery should be enabled
Framework: CISA-cyber-essentials
Severity: Low

DynamoDB Table Point-in-Time Recovery Rule

Rule Description:

The DynamoDB table point-in-time recovery (PITR) should be enabled for CISA Cyber Essentials compliance. PITR allows you to restore your table to any point in time within the specified retention period, helping to protect against accidental data deletion or corruption. Enabling PITR ensures data availability and facilitates data recovery as per the CISA Cyber Essentials requirements.

Troubleshooting Steps:

If PITR is not enabled for the DynamoDB table, follow these troubleshooting steps:

  1. Verify Table Status: Check if the DynamoDB table status is 'ACTIVE'.
  2. Review IAM Permissions: Ensure that the IAM role associated with the DynamoDB table has the necessary permissions to enable PITR.
  3. Check PITR Status: Validate if PITR is already enabled or disabled for the DynamoDB table.

Necessary Code:

The following AWS CLI command enables PITR for a DynamoDB table:

aws dynamodb update-continuous-backups --table-name TableName --point-in-time-recovery-specification PointInTimeRecoveryEnabled=true

Replace TableName with the name of your DynamoDB table.

Remediation Steps:

To enable PITR for a DynamoDB table, follow the step-by-step guide:

  1. Open the AWS Management Console and navigate to the DynamoDB service.
  2. Select the desired DynamoDB table.

Option 1: Using the AWS Management Console

  1. Click on the "Backup/Restore" tab.
  2. Check if PITR is already enabled. If not, proceed to the next step.
  3. Click on the "Enable Point-in-Time Recovery" button.
  4. Click "Enable" in the confirmation dialog to enable PITR for the selected DynamoDB table.

Option 2: Using the AWS CLI

  1. Open the AWS CLI or a terminal with the AWS CLI installed.
  2. Run the following command to enable PITR for the DynamoDB table:

     aws dynamodb update-continuous-backups --table-name TableName --point-in-time-recovery-specification PointInTimeRecoveryEnabled=true

     Replace TableName with the name of your DynamoDB table.
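
The troubleshooting checks and the CLI remediation above, combined into one script that reports each table's state and enables PITR only when asked to. This is an added example, not CloudDefense's code; the function names, verdict strings and the APPLY variable are assumptions of this example, and it needs AWS CLI credentials permitted to describe and update the tables.

```shell
#!/bin/sh
# Added example: walk the troubleshooting checks for each table, then
# optionally apply the CLI remediation. Names and APPLY are this example's own.

# Troubleshooting step 1: table status (expected ACTIVE).
table_status() {
  aws dynamodb describe-table --table-name "$1" \
    --query 'Table.TableStatus' --output text
}

# Troubleshooting step 3: current PITR status (ENABLED or DISABLED).
pitr_status() {
  aws dynamodb describe-continuous-backups --table-name "$1" \
    --query 'ContinuousBackupsDescription.PointInTimeRecoveryDescription.PointInTimeRecoveryStatus' \
    --output text
}

# The remediation command from this page.
enable_pitr() {
  aws dynamodb update-continuous-backups --table-name "$1" \
    --point-in-time-recovery-specification PointInTimeRecoveryEnabled=true >/dev/null
}

# Prints one verdict line. Returns 0 for compliant/skipped/remediated,
# 1 for non-compliant, 2 when a call fails (step 2: often missing IAM permissions).
check_table() {
  _st=$(table_status "$1" 2>/dev/null) || { echo "ERROR $1 describe-table failed"; return 2; }
  if [ "$_st" != "ACTIVE" ]; then echo "SKIPPED $1 status=$_st"; return 0; fi
  _pitr=$(pitr_status "$1" 2>/dev/null) ||
    { echo "ERROR $1 describe-continuous-backups failed"; return 2; }
  if [ "$_pitr" = "ENABLED" ]; then echo "COMPLIANT $1"; return 0; fi
  if [ "${APPLY:-0}" != "1" ]; then echo "NONCOMPLIANT $1 pitr=$_pitr"; return 1; fi
  enable_pitr "$1" 2>/dev/null ||
    { echo "ERROR $1 update-continuous-backups failed"; return 2; }
  echo "REMEDIATED $1"
}

# Usage: ./pitr_check.sh Table1 Table2      (report only)
#        APPLY=1 ./pitr_check.sh Table1     (enable PITR where it is off)
if [ "$#" -gt 0 ]; then
  rc=0
  for t in "$@"; do check_table "$t" || rc=$?; done
  exit "$rc"
fi
```

Without APPLY=1 the script only reports, so it can run as a scheduled compliance check; a non-zero exit code means at least one table is non-compliant or could not be checked.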

Conclusion:

Enabling DynamoDB table point-in-time recovery is crucial to comply with CISA Cyber Essentials requirements. By following the provided troubleshooting steps, necessary code, and remediation guide, you can ensure that PITR is enabled for the DynamoDB table. This adds a layer of data protection, enabling easy recovery in case of accidental data loss or corruption.
