Enable Rule: DynamoDB Table Point-in-Time Recovery
Ensure DynamoDB table point-in-time recovery is enabled to meet compliance standards.
| Rule | DynamoDB table point-in-time recovery should be enabled |
| Framework | NIST 800-53 Revision 4 |
| Severity | ✔ Low |
DynamoDB Table Point-in-Time Recovery
Description
DynamoDB is a managed NoSQL database service provided by Amazon Web Services (AWS). One of the important features offered by DynamoDB is point-in-time recovery (PITR), which allows you to restore your table data to any point within a specified recovery window.
To meet the compliance requirements of NIST 800-53 Revision 4, it is advisable to enable point-in-time recovery for your DynamoDB tables. This ensures that you have an additional layer of data protection and can recover from any accidental data loss or corruption.
Enabling PITR creates and maintains continuous backups of your DynamoDB table, capturing every write activity within the specified recovery window. This enables you to easily restore your table to a specific point in time, such as just before an erroneous update or deletion occurred.
Troubleshooting Steps (if applicable)
- 1.Check if the DynamoDB table is in an active state.
- 2.Verify if the required AWS Identity and Access Management (IAM) permissions are properly configured.
- 3.Ensure that you have the necessary AWS key pair or access keys to perform the required actions.
Necessary Code (if applicable)
There is no specific code required to enable point-in-time recovery. It is an option that can be enabled directly in the AWS Management Console or using AWS SDKs and APIs.
Step-by-Step Guide for Remediation
Enabling Point-in-Time Recovery for DynamoDB Table
- 1.Sign in to the AWS Management Console.
- 2.Navigate to the DynamoDB service.
- 3.Select the desired DynamoDB table that you want to enable point-in-time recovery for.
- 4.Click on the "Backup and restore" tab.
- 5.Under the "Continuous backups" section, click the "Edit" button.
- 6.Enable the "Point-in-time recovery" option.
- 7.Specify the preferred recovery window by setting the "Backup retention period" (in hours).
- 8.Click the "Save" button to enable point-in-time recovery for the selected DynamoDB table.
Restoring DynamoDB Table using Point-in-Time Recovery
- 1.Sign in to the AWS Management Console.
- 2.Navigate to the DynamoDB service.
- 3.Select the DynamoDB table you wish to restore.
- 4.Click on the "Backup and restore" tab.
- 5.Under the "Continuous backups" section, click the "Restore table from backup" button.
- 6.Select the desired point in time from the available backups.
- 7.Provide a new table name for the restored table.
- 8.Click the "Restore" button to initiate the restoration process.
- 9.Once the restoration is complete, you can access the restored table using the new table name specified.
Conclusion
Enabling point-in-time recovery for your DynamoDB table as per the NIST 800-53 Revision 4 guidelines helps to ensure the integrity and availability of your data. By following the step-by-step guide provided, you can easily enable and leverage this feature to protect your table from accidental data loss or corruption while adhering to compliance requirements.