dynamodb-resources-protected-by-backup-plan
Checks if Amazon DynamoDB tables are protected by a backup plan. The rule is NON_COMPLIANT if the DynamoDB Table is not covered by a backup plan.
Identifier: DYNAMODB_RESOURCES_PROTECTED_BY_BACKUP_PLAN
Resource Types: AWS::DynamoDB::Table
Trigger type: Periodic
AWS Region: All supported AWS regions
Parameters:
- resourceTags (Optional)
- Type: String
-
Tags for DynamoDB tables for the rule to check, in JSON format
{"tagkey" : "tagValue"}
. - resourceId (Optional)
- Type: String
-
Name of DynamoDB table for the rule to check.
- crossRegionList (Optional)
- Type: String
-
Comma-separated list of destination regions for the cross-region backup copy to be kept
- crossAccountList (Optional)
- Type: String
-
Comma-separated list of destination accounts for cross-account backup copy to be kept
- maxRetentionDays (Optional)
- Type: int
-
The maximum retention period in days for the Backup Vault Lock
- minRetentionDays (Optional)
- Type: int
-
The minimum retention period in days for the Backup Vault Lock
- backupVaultLockCheck (Optional)
- Type: String
-
Accepted values: 'True' or 'False'. Enter 'True' for the rule to check if the resource is backed up in a locked vault
AWS CloudFormation template
To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.