dynamodb-resources-protected-by-backup-plan - AWS Config

dynamodb-resources-protected-by-backup-plan

Checks if Amazon DynamoDB tables are protected by a backup plan. The rule is NON_COMPLIANT if the DynamoDB Table is not covered by a backup plan.

Identifier: DYNAMODB_RESOURCES_PROTECTED_BY_BACKUP_PLAN

Trigger type: Periodic

AWS Region: All supported AWS regions except China (Beijing), China (Ningxia), AWS GovCloud (US-East), AWS GovCloud (US-West), Asia Pacific (Jakarta), Asia Pacific (Osaka), Europe (Milan), Africa (Cape Town) Region

Parameters:

resourceTags (Optional)
Type: String

Tags for DynamoDB tables for the rule to check, in JSON format.

resourceId (Optional)
Type: String

Name of DynamoDB table for the rule to check.

crossRegionList (Optional)
Type: String

Comma-separated list of destination regions for the cross-region backup copy to be kept

crossAccountList (Optional)
Type: String

Comma-separated list of destination accounts for cross-account backup copy to be kept

maxRetentionDays (Optional)
Type: int

The maximum retention period in days for the Backup Vault Lock

minRetentionDays (Optional)
Type: int

The minimum retention period in days for the Backup Vault Lock

backupVaultLockCheck (Optional)
Type: String

Accepted values: 'True' or 'False'. Enter 'True' for the rule to check if the resource is backed up in a locked vault

AWS CloudFormation template

To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.