This rule ensures that DynamoDB tables are encrypted using AWS KMS for enhanced security.
Rule | DynamoDB table should be encrypted with AWS KMS |
Framework | HIPAA |
Severity | ✔ Medium |
Rule Description: DynamoDB table encryption with AWS Key Management Service (KMS) for HIPAA compliance.
To comply with HIPAA regulations, DynamoDB tables should be encrypted with AWS Key Management Service (KMS). This helps protect sensitive healthcare data stored in the DynamoDB table, ensuring data confidentiality and integrity.
Troubleshooting Steps (if any):
If the DynamoDB table is not encrypted with AWS KMS, follow the steps below to troubleshoot and resolve the issue:
Necessary Code (if any):
No specific code is required for this rule. Encryption of DynamoDB tables with AWS KMS can be configured through the AWS Management Console or via the AWS CLI.
Step-by-Step Guide for Remediation:
Follow the steps below to encrypt a DynamoDB table with AWS KMS:
Please note that DynamoDB encryption with AWS KMS incurs additional costs associated with the AWS KMS key usage. Make sure to review the pricing details before enabling encryption.
For command-line interface (CLI) users, the encryption can also be enabled using AWS CLI commands. The following is an example command:
aws dynamodb update-table --table-name <table-name> --sse-specification Enabled=true,SSEType=KMS,KMSMasterKeyId=<kms-key-id>
Replace <table-name> with the name of the DynamoDB table and <kms-key-id> with the ARN or alias of the AWS KMS key to be used for encryption.

By following these steps, you can ensure that your DynamoDB table is encrypted with AWS KMS, meeting the HIPAA compliance requirements for data protection.
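To confirm the setting took effect, the SSEDescription block returned by `aws dynamodb describe-table` can be evaluated. The following is an added example, not part of the original rule: the function name, result codes and sample responses are constructed for illustration, and it assumes the rule treats the default AWS owned key (no SSEDescription in the response) as non-compliant.

```python
import json

# Placeholder key ARN and constructed describe-table responses (not real tables).
KEY_ARN = "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"
SAMPLES = {
    # Default encryption with an AWS owned key: SSEDescription is absent.
    "owned_key": {"Table": {"TableName": "t1", "TableStatus": "ACTIVE"}},
    "kms_ok": {"Table": {"TableName": "t2", "TableStatus": "ACTIVE",
               "SSEDescription": {"Status": "ENABLED", "SSEType": "KMS",
                                  "KMSMasterKeyArn": KEY_ARN}}},
    # update-table was issued but the change has not completed yet.
    "kms_pending": {"Table": {"TableName": "t3", "TableStatus": "ACTIVE",
                    "SSEDescription": {"Status": "UPDATING", "SSEType": "KMS",
                                       "KMSMasterKeyArn": KEY_ARN}}},
    # DynamoDB can no longer use the key (disabled key or revoked grant).
    "kms_key_lost": {"Table": {"TableName": "t4",
                     "TableStatus": "INACCESSIBLE_ENCRYPTION_CREDENTIALS",
                     "SSEDescription": {"Status": "ENABLED", "SSEType": "KMS",
                                        "KMSMasterKeyArn": KEY_ARN,
                                        "InaccessibleEncryptionDateTime":
                                            "2024-01-01T00:00:00+00:00"}}},
}


def evaluate(describe_table_json):
    """Return (compliant, code) for the JSON text of one describe-table call."""
    table = json.loads(describe_table_json).get("Table", {})
    sse = table.get("SSEDescription")
    if not sse:
        return False, "AWS_OWNED_KEY"          # encrypted, but not with AWS KMS
    if sse.get("SSEType") != "KMS" or not sse.get("KMSMasterKeyArn"):
        return False, "NOT_KMS"
    if "InaccessibleEncryptionDateTime" in sse:
        return False, "KMS_KEY_INACCESSIBLE"   # fix the key or its policy first
    if sse.get("Status") != "ENABLED":
        return False, "KMS_NOT_ACTIVE"         # ENABLING/UPDATING/DISABLING/DISABLED
    return True, "KMS_ENABLED"


if __name__ == "__main__":
    for name, doc in SAMPLES.items():
        print(name, evaluate(json.dumps(doc)))
```

On a live account, pass the output of `aws dynamodb describe-table --table-name <table-name>` to `evaluate` for each table in scope.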