dynamodb-resources-protected-by-backup-plan

Checks if Amazon DynamoDB tables are protected by a backup plan. The rule is NON_COMPLIANT if the DynamoDB Table is not covered by a backup plan.

Identifier: DYNAMODB_RESOURCES_PROTECTED_BY_BACKUP_PLAN

Resource Types: AWS::DynamoDB::Table

Trigger type: Periodic

AWS Region: All supported AWS regions except China (Beijing), Asia Pacific (Jakarta), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Malaysia), Asia Pacific (Melbourne), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), China (Ningxia), Europe (Zurich) Region

Parameters:

resourceTags (Optional)
Type: String: Tags for DynamoDB tables for the rule to check, in JSON format {"tagkey" : "tagValue"}.
resourceId (Optional)
Type: String: Name of DynamoDB table for the rule to check.
crossRegionList (Optional)
Type: String: Comma-separated list of destination regions for the cross-region backup copy to be kept
crossAccountList (Optional)
Type: String: Comma-separated list of destination accounts for cross-account backup copy to be kept
maxRetentionDays (Optional)
Type: int: The maximum retention period in days for the Backup Vault Lock
minRetentionDays (Optional)
Type: int: The minimum retention period in days for the Backup Vault Lock
backupVaultLockCheck (Optional)
Type: String: Accepted values: 'True' or 'False'. Enter 'True' for the rule to check if the resource is backed up in a locked vault

AWS CloudFormation template

To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

dynamodb-pitr-enabled

dynamodb-table-deletion-protection-enabled