DynamoDB Table Point In Time Recovery Disabled

  • Query id: 327b0729-4c5c-4c44-8b5c-e476cd9c7290
  • Query name: DynamoDB Table Point In Time Recovery Disabled
  • Platform: Pulumi
  • Severity: Info
  • Category: Best Practices
  • CWE: 459
  • URL: Github

Description

It's considered a best practice to have point in time recovery enabled for DynamoDB Table
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - yaml file
name: aws-eks
runtime: yaml
description: An EKS cluster
resources:
  example:
    type: aws:dynamodb:Table
    properties:
      serverSideEncryption:
        enabled: true
---
name: aws-eks
runtime: yaml
description: An EKS cluster
resources:
  example:
    type: aws:dynamodb:Table
    properties:
      serverSideEncryption:
        enabled: true
      pointInTimeRecovery:
        enabled: false

Code samples without security vulnerabilities

Negative test num. 1 - yaml file
name: aws-eks
runtime: yaml
description: An EKS cluster
resources:
  example:
    type: aws:dynamodb:Table
    properties:
      serverSideEncryption:
        enabled: true
      pointInTimeRecovery:
        enabled: true