Enable DynamoDB Table Auto Scaling Rule
This rule requires enabling auto scaling for DynamoDB tables
| Rule | DynamoDB table auto scaling should be enabled |
| Framework | NIST Cybersecurity Framework (CSF) v1.1 |
| Severity | ✔ High |
Rule Description: DynamoDB table auto scaling should be enabled for compliance with the NIST Cybersecurity Framework (CSF) v1.
Enabling auto scaling for DynamoDB tables ensures efficient resource utilization and helps maintain desired performance levels while adhering to the NIST Cybersecurity Framework (CSF) v1. This rule promotes the scalability and security of DynamoDB tables, aligning with the best practices defined by NIST.
Remediation Steps:
- 1.
Step 1: Verify IAM permissions: Ensure that you have the necessary IAM permissions to enable auto scaling for the DynamoDB table. Required permissions include
anddynamodb:UpdateTable
.application-autoscaling:RegisterScalableTarget - 2.
Step 2: Enable auto scaling: Enable auto scaling for the desired DynamoDB table by following these steps:
a. Open the AWS Management Console and navigate to the DynamoDB service.
b. Select the relevant region where the target DynamoDB table is located.
c. Click on the desired DynamoDB table from the list of available tables.
d. In the table overview, select the "Capacity" tab.
e. Under "Auto Scaling", click on the "Manage auto scaling" button.
f. Click on the "Create scaling policy" button.
g. Configure the auto scaling policy based on your desired scaling behavior, such as minimum and maximum capacity units, target utilization, and scaling steps.
h. Review the policy settings and click on the "Create" button to enable the auto scaling policy.
- 3.
Step 3: Test and monitor: After enabling auto scaling, it is important to test and monitor the behavior of the DynamoDB table to ensure that it scales properly based on your defined scaling policy. You can simulate workload scenarios or gradually increase/decrease the load to observe auto scaling in action.
- 4.
Step 4: Troubleshooting: In case you encounter issues with auto scaling or unexpected behaviors, follow these troubleshooting steps:
a. Verify IAM permissions: Ensure that the IAM user or role associated with the auto scaling policy has necessary permissions to make updates to the DynamoDB table and register scalable targets.
b. Check CloudWatch alarms: Auto scaling leverages CloudWatch alarms to trigger scaling actions. Go to the CloudWatch service, select "Alarms", and verify if the alarms associated with your DynamoDB table are correctly configured and triggered.
c. Check DynamoDB table configuration: Double-check the table configuration and ensure that all necessary indexes, key attributes, and attributes are properly defined. Misconfigured tables can impact the effectiveness of auto scaling.
d. Review scaling policy settings: If the scaling behavior is not as expected, review the configured scaling policies and adjust them based on your requirements. This includes modifying minimum and maximum capacity units, target utilization, and scaling steps.
Code Examples:
There are no specific code examples for enabling auto scaling for DynamoDB tables in this scenario. The configuration is performed through the AWS Management Console, as described in the remediation steps above.