SDB domain declared as a resource
Id: 6ea57c8b-f9c0-4ec7-bae3-bd75a9dee27d
Cloud Provider: AWS
Platform: CloudFormation
Severity: Low
Category: Resource Management
Description
Declaring an AWS SimpleDB domain is discouraged because SimpleDB is a legacy service that lacks many modern security and operational controls. This increases the risk of data exposure and creates maintenance and compliance challenges.
CloudFormation resources with Type: "AWS::SDB::Domain" must not be defined. Any resource of that type will be flagged by this rule. Use supported services such as Amazon DynamoDB, Amazon RDS, or Amazon S3 with server-side encryption and appropriate IAM controls as secure alternatives.
Secure alternative (DynamoDB instead of SimpleDB):
MyTable:
  Type: AWS::DynamoDB::Table
  Properties:
    TableName: my-table
    AttributeDefinitions:
      - AttributeName: id
        AttributeType: S
    KeySchema:
      - AttributeName: id
        KeyType: HASH
    BillingMode: PAY_PER_REQUEST
    SSESpecification:
      SSEEnabled: true
Compliant Code Examples
AWSTemplateFormatVersion: "2010-09-09"
Description: "SDB Domain declared"
Resources:
  HostedZone:
    Type: AWS::Route53::HostedZone
    Properties:
      Name: "HostedZone"

{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "SDB Domain declared",
  "Resources": {
    "HostedZone": {
      "Type": "AWS::Route53::HostedZone",
      "Properties": {
        "Name": "HostedZone"
      }
    }
  }
}
Non-Compliant Code Examples
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "SDB Domain declared",
  "Resources": {
    "HostedZone": {
      "Type": "AWS::Route53::HostedZone",
      "Properties": {
        "Name": "HostedZone"
      }
    },
    "SBDDomain": {
      "Type": "AWS::SDB::Domain",
      "Properties": {
        "Description": "Some information"
      }
    }
  }
}

AWSTemplateFormatVersion: "2010-09-09"
Description: "SDB Domain declared"
Resources:
  HostedZone:
    Type: AWS::Route53::HostedZone
    Properties:
      Name: "HostedZone"
  SBDDomain:
    Type: AWS::SDB::Domain
    Properties:
      Description: "Some information"
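
The check this rule describes can be reproduced locally before a template reaches a pipeline. The following is an added example, not Datadog's rule implementation: the function names and the `SAMPLE` template are hypothetical, and YAML support assumes PyYAML is installed (JSON templates need only the standard library).

```python
import json

try:
    import yaml  # PyYAML (assumed optional); needed only for YAML templates
except ImportError:
    yaml = None

FORBIDDEN_TYPE = "AWS::SDB::Domain"  # the resource type this rule flags

# Constructed sample, modelled on the page's non-compliant JSON template.
SAMPLE = """{"Resources": {
  "HostedZone": {"Type": "AWS::Route53::HostedZone", "Properties": {"Name": "HostedZone"}},
  "SBDDomain": {"Type": "AWS::SDB::Domain", "Properties": {"Description": "Some information"}}
}}"""


def load_template(text):
    """Parse CloudFormation template text as JSON, falling back to YAML."""
    try:
        return json.loads(text)
    except json.JSONDecodeError:
        if yaml is None:
            raise ValueError("not valid JSON and PyYAML is unavailable")

    class CfnLoader(yaml.SafeLoader):
        """SafeLoader that accepts short-form intrinsics such as !Ref."""

    def keep_value(loader, suffix, node):
        # Keep the tagged node's plain value; the tag itself is irrelevant here.
        if isinstance(node, yaml.ScalarNode):
            return loader.construct_scalar(node)
        if isinstance(node, yaml.SequenceNode):
            return loader.construct_sequence(node)
        return loader.construct_mapping(node)

    CfnLoader.add_multi_constructor("!", keep_value)
    return yaml.load(text, Loader=CfnLoader)


def find_sdb_domains(text):
    """Return sorted logical IDs of resources typed AWS::SDB::Domain."""
    template = load_template(text)
    resources = template.get("Resources") if isinstance(template, dict) else None
    if not isinstance(resources, dict):
        return []  # no Resources section, nothing to flag
    return sorted(name for name, body in resources.items()
                  if isinstance(body, dict) and body.get("Type") == FORBIDDEN_TYPE)

if __name__ == "__main__":
    print(find_sdb_domains(SAMPLE))
```

A non-empty result lists the logical IDs to migrate to a supported service; a CI job can fail the build on any non-empty list.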