01 - DynamoDB Tables Encrypted

Ensure DynamoDB is Using Account Specific Encryption

DynamoDB is an amazon proprietary key value store. Since DynamoDB could have sensitive data it should be encrypted at rest with a key that is specific to your account. It is for this reason why encrypting your tables is a security best practice and will help you with NIST, GDPR, HIPPA & PCI-DSS compliance.

Audit & Remediation

Login into your AWS account
Navigate to the EC2 service at: https://console.aws.amazon.com/dynamodb
On the DynamoDB main page, expand the left panel and navigate to Tables.

Look at each table that is listed here. Any table that has DEFAULT has an encryption level of AWS wide, meaning the same encryption key is used across all AWS customer accounts using this level.
Select the table that has DEFAULT listed.
Under the Overview tab, under Table details, select Manage Encryption next to Encryption Type.

Under Manage Encryption, select that Customer managed CMK or AWS managed CMK depending on your desired protection level.

Repeat these steps outlined for each DynamoDB table that you have.
Repeat these steps outlined for each Region that you are using.
Repeat these steps outlined for each account that you have.

See all of your AWS EC2 Instances in a single place!

Do you want to see all of your AWS EC2 Instances in once place for all regions and all accounts?
Login to our online demo to see exactly what this looks like.
demo.intelligentdiscovery.io

Other Key Features

Inventory

Consolidate your inventory management with consistent and frequent security logs, inventories, and change logs. Dashboard reporting for extensive analytical value.

learn more +

Cost & Usage

Access consolidated capacity, cost, and volume tools in a scaling environment without impacting production or breaking the bank.