Ensure that your AWS DynamoDB tables make use of Point-in-time Recovery (PITR) feature in order to automatically take continuous backups of your DynamoDB data. Amazon DynamoDB service can back up your data with per-second granularity and restore it to any single second from the time PITR was enabled up to the prior 35 days. DynamoDB continuous backups represent an additional layer of insurance against accidental loss of data on top of on-demand backups. The data restored using the Point-in-time Recovery feature includes Global Secondary Indexes (GSIs) and Local Secondary Indexes (LSIs).
This rule can help you with the following compliance standards:
For further details on compliance standards supported by Conformity, see here.
This rule can help you work with the AWS Well-Architected Framework.
This rule resolution is part of the Conformity Security & Compliance tool for AWS.
Once enabled, DynamoDB continuous backups, powered by Point-in-time Recovery (PITR) feature, will help you protect your DynamoDB data against accidental writes or deletes.
To determine if continuous backups are enabled for your Amazon DynamoDB tables, perform the following actions:
Remediation / Resolution
To make use of Point-in-time Recovery (PITR) feature and enable continuous backups for your Amazon DynamoDB tables, perform the following actions:
- AWS Documentation
- Amazon DynamoDB FAQs
- Point-in-Time Recovery for DynamoDB
- Point-in-Time Recovery: How It Works
- AWS Command Line Interface (CLI) Documentation
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
DynamoDB Continuous Backups
Risk level: High