Rule: DynamoDB Tables in Backup Plan

Ensure all DynamoDB tables are included in a backup plan for data protection and security.

Rule: DynamoDB tables should be in a backup plan
Framework: NIST 800-53 Revision 5
Severity: Medium

Rule Description:

According to the NIST 800-53 Revision 5 guidelines, it is required to include DynamoDB tables in the backup plan. This rule ensures that appropriate measures are taken to protect and recover critical data stored in DynamoDB tables in the event of data loss, disaster, or system failure.

Troubleshooting Steps:

  1. Identify if DynamoDB tables are included in the backup plan.
  2. Check if the backup frequency aligns with the organization's data retention policies.
  3. Verify if proper backup and recovery procedures for DynamoDB tables are in place.
  4. Examine if the backups are stored securely and can be easily restored if needed.

Necessary Commands:

The rule itself does not specify any commands. However, the following AWS CLI commands can be used to set up and manage backups for DynamoDB tables:

  1. Creating a Backup:
     aws dynamodb create-backup --table-name <table-name> --backup-name <backup-name>
  2. Listing Backups:
     aws dynamodb list-backups --table-name <table-name>
  3. Restoring from Backup:
     aws dynamodb restore-table-from-backup --target-table-name <target-table-name> --backup-arn <backup-arn>
  4. Deleting a Backup:
     aws dynamodb delete-backup --backup-arn <backup-arn>

Step-by-Step Guide for Remediation:

  1. Review Backup Strategy:

     • Determine the backup frequency required for DynamoDB tables based on your organization's data retention policy and compliance requirements.
     • Define the backup retention period, ensuring it aligns with the backup strategy.

  2. Enable Continuous Backups:

     • Enable continuous backups for all important DynamoDB tables to ensure point-in-time recovery is possible.
     • Use the AWS Management Console or AWS CLI to enable continuous backups.

  3. Configure Point-in-Time Recovery (PITR):

     • Enable Point-in-Time Recovery for DynamoDB tables to allow recovery to any point within a specified time window.
     • Set the Recovery Window parameter based on your recovery objectives.

  4. Validate Backup and Recovery Procedures:

     • Test the backup and recovery procedures for DynamoDB tables periodically to ensure their effectiveness.
     • Verify that backups can be restored successfully within an acceptable timeframe.

  5. Monitor Backup Status:

     • Regularly monitor the status and completion of backups to confirm their successful execution.
     • Utilize CloudWatch alarms or other monitoring tools to receive notifications in case of backup failures.

  6. Document and Train:

     • Document the backup plan and procedures for DynamoDB tables, including all necessary steps and commands.
     • Train relevant personnel on the backup and recovery procedures to ensure their proper execution during critical situations.

By following these steps, you will ensure compliance with the NIST 800-53 Revision 5 requirement of including DynamoDB tables in the backup plan.
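A read-only audit covering troubleshooting steps 1 and 2 and remediation steps 2, 3 and 5, added here as an example (not CloudDefense's or AWS's own code): it flags tables that have no AWS Backup recovery point, a stale last backup, or PITR disabled. Assumptions: boto3 is available for the live `collect()` path, the 24-hour maximum backup age is a placeholder policy, "protected resource in AWS Backup" stands in for backup-plan membership, and the sample tables and account ID are constructed.

```python
from datetime import datetime, timedelta, timezone

def evaluate(tables, protected, now, max_age=timedelta(hours=24)):
    """Return {table_name: [findings]} for every table that fails a check."""
    # tables:    {name: {"arn": str, "pitr": "ENABLED" or "DISABLED"}}
    # protected: {table_arn: aware datetime of the last AWS Backup recovery point}
    report = {}
    for name, info in sorted(tables.items()):
        findings = []
        last = protected.get(info["arn"])
        if last is None:
            findings.append("no AWS Backup recovery point")
        elif now - last > max_age:
            findings.append(f"last backup {(now - last).days}d old")
        if info["pitr"] != "ENABLED":
            findings.append("PITR disabled")
        if findings:
            report[name] = findings
    return report

def collect(region):
    """Read live state; needs boto3 and read-only DynamoDB and Backup access."""
    import boto3
    ddb = boto3.client("dynamodb", region_name=region)
    bkp = boto3.client("backup", region_name=region)
    tables, protected, kwargs = {}, {}, {}
    for page in ddb.get_paginator("list_tables").paginate():
        for name in page["TableNames"]:
            cb = ddb.describe_continuous_backups(TableName=name)["ContinuousBackupsDescription"]
            pitr = cb.get("PointInTimeRecoveryDescription", {})
            arn = ddb.describe_table(TableName=name)["Table"]["TableArn"]
            tables[name] = {"arn": arn, "pitr": pitr.get("PointInTimeRecoveryStatus", "DISABLED")}
    while True:  # list_protected_resources is paged with NextToken
        resp = bkp.list_protected_resources(**kwargs)
        for res in resp["Results"]:
            if res["ResourceType"] == "DynamoDB" and "LastBackupTime" in res:
                protected[res["ResourceArn"]] = res["LastBackupTime"]
        if "NextToken" not in resp:
            return tables, protected
        kwargs["NextToken"] = resp["NextToken"]

# Constructed sample state (not real tables) so the check runs offline.
ARN = "arn:aws:dynamodb:us-east-1:111122223333:table/"
NOW = datetime(2024, 1, 10, 12, tzinfo=timezone.utc)
SAMPLE_TABLES = {n: {"arn": ARN + n, "pitr": p} for n, p in
                 [("orders", "ENABLED"), ("sessions", "DISABLED"), ("audit-log", "ENABLED")]}
SAMPLE_PROTECTED = {ARN + "orders": NOW - timedelta(hours=10),
                    ARN + "audit-log": NOW - timedelta(days=3)}

if __name__ == "__main__":
    print(evaluate(SAMPLE_TABLES, SAMPLE_PROTECTED, NOW))
```

Against a real account, pass the result of `collect("<region>")` and `datetime.now(timezone.utc)` to `evaluate()` and route a non-empty report to your alerting.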
