Ensure that DynamoDB tables have auto scaling enabled to meet compliance standards.
Rule | DynamoDB table auto scaling should be enabled |
Framework | FedRAMP Low Revision 4 |
Severity | ✔ High |
Rule Description
The rule requires enabling auto scaling for DynamoDB tables in compliance with the FedRAMP Low Revision 4 security standards. Auto scaling ensures that the provisioned read and write capacity for DynamoDB tables automatically adjusts based on the workload, allowing efficient handling of traffic fluctuations while optimizing costs.
Troubleshooting Steps
If auto scaling for the DynamoDB tables is not enabled, you may encounter the following issues:
Code Example
To enable auto scaling for a DynamoDB table, you can use the AWS Command Line Interface (CLI) or AWS SDKs. Here's an example using the AWS CLI:
aws application-autoscaling register-scalable-target --service-namespace dynamodb --resource-id <table_ARN> --scalable-dimension dynamodb:table:ReadCapacityUnits --min-capacity <min_read_capacity_units> --max-capacity <max_read_capacity_units>
Replace
<table_ARN>
with the ARN (Amazon Resource Name) of the DynamoDB table, <min_read_capacity_units>
with the desired minimum read capacity units, and <max_read_capacity_units>
with the desired maximum read capacity units.It is essential to perform a similar command for write capacity scaling as well, replacing
--scalable-dimension dynamodb:table:ReadCapacityUnits
with --scalable-dimension dynamodb:table:WriteCapacityUnits
.Remediation Steps
To enable auto scaling for a DynamoDB table in AWS, follow these step-by-step instructions:
Open the AWS Management Console and navigate to the DynamoDB service.
From the left navigation pane, select "Tables" to view the list of available tables.
Locate the target table and click on its name to open the details page.
In the table details page, select the "Capacity" tab.
Under the "Auto Scaling" section, click on the "Manage Auto Scaling" button.
In the "Configure settings for auto scaling" dialog, select the appropriate "Read" or "Write" capacity unit from the drop-down menu.
Enable the "Use adaptive capacity" option to allow auto scaling to adjust the provisioned capacity based on workload.
Specify the desired minimum and maximum capacity units for auto scaling.
Click on the "Save changes" button to enable auto scaling for the table.
Repeat the above steps for all other DynamoDB tables that need auto scaling enabled.
Remember to adjust the minimum and maximum capacity units according to your expected workload and performance requirements.
By following these steps, you will ensure that DynamoDB tables comply with the FedRAMP Low Revision 4 security standard, ensuring efficient and cost-effective scaling of read and write capacity based on workload demands.