Medium

Ensure DynamoDB tables have point in time recovery enabled

Availability
Description

Amazon DynamoDB continuous backups, which are powered by the Point-in-time Recovery (PITR) feature, safeguard your DynamoDB data against accidental writes or deletes. With PITR enabled on a table, you no longer have to worry about creating, maintaining, or scheduling on-demand backups: DynamoDB automatically backs up your data with per-second granularity and can restore it to any single second from the time PITR was enabled up to the prior 35 days. This additional layer of insurance against accidental data loss works alongside on-demand backups. The data restoration process also includes Global Secondary Indexes (GSIs) and Local Secondary Indexes (LSIs), so the table is easily recoverable in the event of accidental loss or corruption.

Remediation

Enabling the Point-in-time Recovery (PITR) feature for your DynamoDB tables is crucial to ensure continuous backups of your data and quick recovery in case of accidental data loss or corruption. The following are remediation steps to ensure DynamoDB tables have Point-in-time Recovery enabled:

  1. Identify the DynamoDB tables that do not have the Point-in-time Recovery feature enabled. You can use the AWS Management Console or AWS CLI to find them.
  2. Evaluate the impact of enabling Point-in-time Recovery on each DynamoDB table. Enabling this feature may increase the cost of DynamoDB operations and require additional resources. Therefore, it's essential to assess the potential impact on each DynamoDB table and determine if the benefits of PITR outweigh the costs.
  3. Take a snapshot of each DynamoDB table before enabling Point-in-time Recovery. Taking a snapshot ensures that you have a backup of your data before making any changes.
  4. Enable the Point-in-time Recovery feature for each DynamoDB table using the AWS Management Console or AWS CLI. Enabling it modifies the table's configuration so that DynamoDB automatically takes backups with per-second granularity and can restore the table to any single second from the time PITR was enabled up to the prior 35 days.
  5. Monitor the DynamoDB tables after enabling Point-in-time Recovery. It's essential to monitor the tables to ensure that they are functioning correctly and to detect any issues that may arise.
  6. Test the data recovery process. Once Point-in-time Recovery is enabled, you should test the data recovery process to ensure that it works correctly. You can simulate a data loss scenario and recover the data from the backups created by the PITR feature.
  7. Review the AWS documentation and best practices for Point-in-time Recovery. AWS provides extensive documentation and best practices for configuring the PITR feature, which you should review to ensure that you are using it correctly.

By following these steps, you can ensure that your DynamoDB tables have Point-in-time Recovery enabled, which can help you protect your data against accidental writes or deletes and quickly recover from data loss or corruption.
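Steps 1 and 4 can be scripted. The following is an added example, not Lightlytics' or AWS's own code: it lists every table, reports those without PITR, and optionally enables it, using the boto3 DynamoDB client methods `list_tables`, `describe_continuous_backups` and `update_continuous_backups`. `StubDynamoDB` and its table names are constructed so the example runs offline.

```python
def list_all_tables(client):
    """Yield every table name, following list_tables pagination."""
    kwargs = {}
    while True:
        page = client.list_tables(**kwargs)
        yield from page.get("TableNames", [])
        if "LastEvaluatedTableName" not in page:
            return
        kwargs["ExclusiveStartTableName"] = page["LastEvaluatedTableName"]

def pitr_enabled(client, table):
    """True only when the table reports PointInTimeRecoveryStatus == ENABLED."""
    desc = client.describe_continuous_backups(TableName=table)
    pitr = desc["ContinuousBackupsDescription"].get("PointInTimeRecoveryDescription", {})
    return pitr.get("PointInTimeRecoveryStatus") == "ENABLED"

def audit(client, remediate=False):
    """Return tables lacking PITR; with remediate=True, also enable it on each."""
    missing = [t for t in list_all_tables(client) if not pitr_enabled(client, t)]
    if remediate:
        for table in missing:
            client.update_continuous_backups(
                TableName=table,
                PointInTimeRecoverySpecification={"PointInTimeRecoveryEnabled": True})
    return missing

class StubDynamoDB:
    """Constructed stand-in for boto3.client("dynamodb"); keeps the example offline."""
    def __init__(self, tables, page_size=2):
        self.tables, self.page_size = dict(tables), page_size  # name -> PITR status
    def list_tables(self, ExclusiveStartTableName=None):
        names = sorted(self.tables)
        start = names.index(ExclusiveStartTableName) + 1 if ExclusiveStartTableName else 0
        page = {"TableNames": names[start:start + self.page_size]}
        if start + self.page_size < len(names):
            page["LastEvaluatedTableName"] = page["TableNames"][-1]
        return page
    def describe_continuous_backups(self, TableName):
        return {"ContinuousBackupsDescription": {"PointInTimeRecoveryDescription": {
            "PointInTimeRecoveryStatus": self.tables[TableName]}}}
    def update_continuous_backups(self, TableName, PointInTimeRecoverySpecification):
        on = PointInTimeRecoverySpecification["PointInTimeRecoveryEnabled"]
        self.tables[TableName] = "ENABLED" if on else "DISABLED"

if __name__ == "__main__":
    # Constructed sample tables; pass boto3.client("dynamodb") to audit a real account.
    stub = StubDynamoDB({"orders": "DISABLED", "sessions": "ENABLED", "users": "DISABLED"})
    print("missing PITR:", audit(stub))
```

Running `audit` again after a remediation pass should return an empty list, which doubles as the post-change check in step 5.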

Enforced Resources
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.
