Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

Enable DynamoDB Table Auto Scaling Rule

Ensure DynamoDB table auto scaling is enabled to meet compliance standards.

RuleDynamoDB table auto scaling should be enabled
FrameworkNIST Cybersecurity Framework (CSF) v1.1
Severity
High

DynamoDB Table Auto Scaling for NIST Cybersecurity Framework (CSF) v1

Description:

Enabling DynamoDB table auto scaling ensures that your DynamoDB tables can automatically adjust their provisioned capacity in response to changes in workload, allowing your applications to handle traffic spikes and meet performance requirements efficiently. This rule is aligned with the NIST Cybersecurity Framework (CSF) v1, which emphasizes the need for adaptive capacity management to address varying workload demands.

Steps to Enable Auto Scaling for DynamoDB Tables:

  1. 1.

    Identify the DynamoDB table(s) that require auto scaling based on workload demands.

  2. 2.

    Ensure that you have the necessary permissions to enable auto scaling for DynamoDB tables. The minimum required permission is "dynamodb:UpdateTable".

  3. 3.

    Verify if your DynamoDB table(s) have a single partition key or a composite key structure. This information is vital to determine the auto scaling configuration.

  4. 4.

    Determine the desired read and write capacity units required for your DynamoDB table(s). These values should be based on your expected workload and performance requirements.

  5. 5.

    Use the following AWS CLI command to enable auto scaling for a DynamoDB table, replacing

    <table-name>
    with the actual table name:

aws dynamodb update-table --table-name <table-name> --provisioned-throughput AutoScalingSettingsUpdate={MinimumUnits=<min-capacity>,MaximumUnits=<max-capacity>,AutoScalingDisabled=false,AutoScalingRoleArn=<iam-role-arn>}
  • <min-capacity>
    : Set the minimum provisioned capacity units your table should be scaled down to.
  • <max-capacity>
    : Set the maximum provisioned capacity units your table should be scaled up to.
  • <iam-role-arn>
    : Provide the ARN of the IAM role that has permissions to manage DynamoDB auto scaling.
  1. 1.

    Repeat Step 5 for each DynamoDB table that requires auto scaling.

  2. 2.

    Monitor the DynamoDB table(s) to ensure that auto scaling is effectively adjusting provisioned capacity according to workload demands.

Troubleshooting:

  • If you encounter permission errors while trying to enable auto scaling, ensure that you have the correct IAM role ARN and the associated permissions.
  • If auto scaling is not functioning as expected, review the configured minimum and maximum capacity values. Adjust them if necessary based on workload patterns and performance requirements.
  • Check the DynamoDB CloudWatch metrics to verify if the provisioned capacity is being adjusted dynamically. If not, investigate the CloudWatch alarms or error logs for any potential issues.

Conclusion:

Enabling auto scaling for DynamoDB tables aligns with the NIST Cybersecurity Framework v1 by allowing adaptive capacity management. By automatically adjusting provisioned capacity, your DynamoDB tables can efficiently handle varying workload demands while ensuring optimal performance.

Is your System Free of Underlying Vulnerabilities?
Find Out Now