DynamoDB tables should use KMS encryption

Description

DynamoDB tables should use KMS-backed server-side encryption at rest. KMS encryption protects stored data and metadata from unauthorized access and supports compliance requirements.

Remediation

Enable server-side encryption (SSE-KMS) on the table and select an AWS owned or customer-managed KMS key. For guidance, refer to DynamoDB encryption at rest.
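
The check and the remediation described above, as an added example that is not part of the original rule: it evaluates the `SSEDescription` block of DynamoDB `DescribeTable` output and issues the `UpdateTable` call that enables SSE-KMS. The `client` argument is assumed to be a boto3 DynamoDB client, and the table names and key ARN are constructed placeholders.

```python
# Added example: audit DescribeTable output for SSE-KMS and apply the fix.
# The sample table descriptions below are constructed, not real AWS output.

def sse_kms_finding(table):
    """Evaluate the 'Table' dict of a DynamoDB DescribeTable response.

    Returns (compliant, reason)."""
    sse = table.get("SSEDescription") or {}
    if not sse:
        return False, "no SSEDescription reported for the table"
    if sse.get("SSEType") != "KMS":
        return False, f"SSEType is {sse.get('SSEType')!r}, expected 'KMS'"
    if sse.get("Status") not in ("ENABLED", "UPDATING"):
        return False, f"SSE status is {sse.get('Status')!r}"
    if "InaccessibleEncryptionDateTime" in sse:
        # DynamoDB sets this when it could not reach the table's KMS key.
        return False, "KMS key was reported inaccessible"
    return True, f"SSE-KMS enabled with {sse.get('KMSMasterKeyArn', 'unknown key')}"


def enable_sse_kms(client, table_name, kms_key_id=None):
    """Turn on SSE-KMS via UpdateTable. `client` is assumed to be a boto3
    DynamoDB client; kms_key_id (key ID, ARN or alias) is optional."""
    spec = {"Enabled": True, "SSEType": "KMS"}
    if kms_key_id:
        spec["KMSMasterKeyId"] = kms_key_id
    return client.update_table(TableName=table_name, SSESpecification=spec)


def audit(tables):
    """Map table name -> (compliant, reason) for a list of Table dicts."""
    return {t["TableName"]: sse_kms_finding(t) for t in tables}


SAMPLE_TABLES = [  # constructed sample data
    {"TableName": "orders"},
    {"TableName": "sessions", "SSEDescription": {
        "Status": "ENABLED", "SSEType": "KMS",
        "KMSMasterKeyArn": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE"}},
    {"TableName": "audit", "SSEDescription": {
        "Status": "ENABLED", "SSEType": "KMS",
        "KMSMasterKeyArn": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE",
        "InaccessibleEncryptionDateTime": 1700000000}},
]

if __name__ == "__main__":
    for name, (ok, reason) in audit(SAMPLE_TABLES).items():
        print(f"{'PASS' if ok else 'FAIL'} {name}: {reason}")
```

Feed `audit` the `Table` dicts returned by `describe_table` for each table, and call `enable_sse_kms` on the failures.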