AWS Config Rule: DynamoDB Table Encrypted With KMS

Description: Checks if Amazon DynamoDB table is encrypted with AWS Key Management Service (KMS). The rule is NON_COMPLIANT if Amazon DynamoDB table is not encrypted with AWS KMS. The rule is also NON_COMPLIANT if the encrypted AWS KMS key is not present in kmsKeyArns input parameter.

Trigger type: Configuration changes

AWS Region: All supported AWS regions except Asia Pacific (Jakarta), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Canada West (Calgary), Europe (Spain) Region

To resolve this manually, login to your AWS Management Console and navigate to DynamoDB.

Select the desired DynamoDB Table and under Table details click on Manage Encryption.

Click on any KMS Option (It could be your own KMS - Customer managed CMK or KMS - AWS managed CMK)

Want to know more about StackZone and how to make your cloud management simple and secure?

Check our how it works section with easy to follow videos or just create your own StackZone Account here