Enable DynamoDB Table Point-in-Time Recovery Rule

This rule requires enabling point-in-time recovery for DynamoDB tables.

Rule: DynamoDB table point-in-time recovery should be enabled
Framework: FedRAMP Low Revision 4
Severity: Low

Rule Description

The DynamoDB table point-in-time recovery feature should be enabled for FedRAMP Low Revision 4 compliance. Point-in-time recovery allows you to restore your DynamoDB tables to any second during the preceding 35-day period, thereby protecting against accidental data loss. This requirement ensures that data durability and recoverability measures are in place, which are essential for compliance with FedRAMP Low Revision 4 standards.

Remediation Steps

Follow the steps below to enable point-in-time recovery for your DynamoDB table:

Step 1: Access the AWS Management Console

Navigate to the AWS Management Console by visiting https://console.aws.amazon.com/ and enter your login credentials.

Step 2: Access DynamoDB Service

From the AWS Management Console homepage, search for "DynamoDB" in the search bar at the top. Click on the "DynamoDB" service from the search results to access the DynamoDB console.

Step 3: Select the DynamoDB Table

In the DynamoDB console, select the table for which you want to enable point-in-time recovery from the list of available tables.

Step 4: Go to the "Backup and Restore" tab

In the left-hand menu, click on the "Backup and Restore" tab to access the point-in-time recovery settings.

Step 5: Enable Point-in-time Recovery

Under the "Backup and Restore" tab, check if the option for point-in-time recovery is already enabled. If not, click on the "Enable" button to enable point-in-time recovery for the selected table.

Step 6: Configure Recovery Window

After enabling point-in-time recovery, you can configure the recovery window. The recovery window determines the maximum duration in days that a table can be restored to a specific point in time. Configure the recovery window according to your requirements.

Step 7: Save Changes

Click on the "Save Changes" button to apply the configuration and enable point-in-time recovery for the selected DynamoDB table.
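The same check and remediation can be scripted across every table in a region. The following is an added example, not CloudDefense's or AWS's own code: it uses the boto3 DynamoDB client methods list_tables, describe_continuous_backups and update_continuous_backups, while the function names, the StubDynamoDB class and the table names are constructed for illustration so the script runs offline.

```python
def list_table_names(client):
    """Return every table name in the client's region, following pagination."""
    names, start = [], None
    while True:
        page = client.list_tables(**({"ExclusiveStartTableName": start} if start else {}))
        names.extend(page["TableNames"])
        start = page.get("LastEvaluatedTableName")
        if not start:
            return names

def pitr_status(client, table):
    """Return the table's PITR status, 'ENABLED' or 'DISABLED'."""
    desc = client.describe_continuous_backups(TableName=table)["ContinuousBackupsDescription"]
    return desc.get("PointInTimeRecoveryDescription", {}).get("PointInTimeRecoveryStatus", "DISABLED")

def remediate(client, dry_run=True):
    """Map each table to 'compliant', 'would-enable' (dry run) or 'enabled'."""
    report = {}
    for table in list_table_names(client):
        if pitr_status(client, table) == "ENABLED":
            report[table] = "compliant"
        elif dry_run:
            report[table] = "would-enable"
        else:
            client.update_continuous_backups(TableName=table, PointInTimeRecoverySpecification={
                "PointInTimeRecoveryEnabled": True})
            report[table] = "enabled"
    return report

class StubDynamoDB:
    """Constructed offline stand-in for boto3.client('dynamodb'); two names per page."""
    def __init__(self, tables):
        self.tables = dict(tables)  # table name -> PITR enabled?
    def list_tables(self, ExclusiveStartTableName=None):
        names = sorted(self.tables)
        i = names.index(ExclusiveStartTableName) + 1 if ExclusiveStartTableName else 0
        page = {"TableNames": names[i:i + 2]}
        if i + 2 < len(names):
            page["LastEvaluatedTableName"] = names[i + 1]
        return page
    def describe_continuous_backups(self, TableName):
        status = "ENABLED" if self.tables[TableName] else "DISABLED"
        return {"ContinuousBackupsDescription": {
            "PointInTimeRecoveryDescription": {"PointInTimeRecoveryStatus": status}}}
    def update_continuous_backups(self, TableName, PointInTimeRecoverySpecification):
        self.tables[TableName] = PointInTimeRecoverySpecification["PointInTimeRecoveryEnabled"]

if __name__ == "__main__":
    print(remediate(StubDynamoDB({"orders": False, "sessions": True, "users": False})))  # constructed tables
```

Against a real account, pass boto3.client("dynamodb") in place of the stub and run with dry_run=True first. The calls used here are authorized by the IAM actions dynamodb:ListTables, dynamodb:DescribeContinuousBackups and dynamodb:UpdateContinuousBackups.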

Troubleshooting

In case you encounter any issues while enabling point-in-time recovery, refer to the troubleshooting steps below:

Troubleshooting Step 1: Check IAM Permissions

Ensure that your IAM user or role has the necessary permissions to enable point-in-time recovery for DynamoDB tables. You should have permissions such as dynamodb:EnableContinuousBackups and dynamodb:UpdateTimeToLive.

Troubleshooting Step 2: Verify Region Availability

Point-in-time recovery is not available in all AWS regions. Ensure that you are using a region where point-in-time recovery is supported. Refer to the AWS Regional Services List for availability details.

Troubleshooting Step 3: Check Table Limitations

Note that not all types of DynamoDB tables support point-in-time recovery. Verify that your table is compatible with this feature. On-demand backup tables and tables with PITR disabled cannot have point-in-time recovery enabled.

Troubleshooting Step 4: Verify IAM Policies

Double-check your IAM policies to ensure they are correctly configured and grant the necessary permissions for enabling point-in-time recovery.

If the above troubleshooting steps do not resolve the issue, consult the AWS DynamoDB documentation or contact AWS Support for further assistance.

Additional Notes

None.

Relevant Codes

No specific code is required to enable point-in-time recovery in DynamoDB, as it can be done through the AWS Management Console.
