AWS Config Rule: DynamoDB Table Encrypted With KMS


Fernando Honig

Last Update 4 days ago

Description: Checks if Amazon DynamoDB table is encrypted with AWS Key Management Service (KMS). The rule is NON_COMPLIANT if Amazon DynamoDB table is not encrypted with AWS KMS. The rule is also NON_COMPLIANT if the encrypted AWS KMS key is not present in kmsKeyArns input parameter.

Trigger type: Configuration changes

AWS Region: All supported AWS regions except Asia Pacific (Jakarta), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Canada West (Calgary), Europe (Spain) Region

How to Resolve Manually

To resolve this manually, login to your AWS Management Console and navigate to DynamoDB.

Select the desired DynamoDB Table and under Table details click on Manage Encryption.

Click on any KMS Option (It could be your own KMS - Customer managed CMK or KMS - AWS managed CMK)

Want to know more about StackZone and how to make your cloud management simple and secure?

Check our how it works section with easy to follow videos or just create your own StackZone Account here

Was this article helpful?

1 out of 1 liked this article

Still need help? Message Us