Ensure DynamoDB PITR is enabled

Error: DynamoDB PITR is disabled

Policy ID: BC_AWS_GENERAL_6
Severity: INFO

DynamoDB PITR is disabled

Description

DynamoDB Point-In-Time Recovery (PITR) is an automatic backup service for DynamoDB table data that helps protect your DynamoDB tables from accidental write or delete operations. Once enabled, PITR provides continuous backups that can be controlled using various programmatic parameters. PITR can also be used to restore table data from any point in time during the last 35 days, as well as any incremental backups of DynamoDB tables.

Fix - Runtime

AWS Console

To change the policy using the AWS Console, follow these steps:

  1. Log in to the AWS Management Console at https://console.aws.amazon.com/.
  2. Open the Amazon DynamoDB console.
  3. Navigate to the desired DynamoDB table, then select the Backups tab.
  4. To turn the feature on, click Enable.
    The Earliest restore date and Latest restore date are visible within a few seconds.

CLI Command

To update continuous backup settings for a DynamoDB table:

aws dynamodb update-continuous-backups \
    --table-name MusicCollection \
    --point-in-time-recovery-specification PointInTimeRecoveryEnabled=true

Fix - Buildtime

Serverless/CloudFormation

  • Resource: AWS::DynamoDB::Table
  • Property: PointInTimeRecoverySpecification
  **Resources**:
    iotCatalog:
      Type: AWS::DynamoDB::Table 
      **Properties**:
        TableName: ${self:custom.iotCatalogTable}
        PointInTimeRecoverySpecification:
          PointInTimeRecoveryEnabled: true

Terraform

  • Resource: aws_dynamodb_table
  • Argument: point_in_time_recovery - (Optional) Point-in-time recovery options.
resource "aws_dynamodb_table" "basic-dynamodb-table" {
  name           = "GameScores"
  billing_mode   = "PROVISIONED"
  read_capacity  = 20
  write_capacity = 20
  hash_key       = "UserId"
  range_key      = "GameTitle"
+ point_in_time_recovery {
+   enabled = true
+  }
}

Updated about a month ago


Ensure DynamoDB PITR is enabled


Error: DynamoDB PITR is disabled

Policy ID: BC_AWS_GENERAL_6
Severity: INFO

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.