DynamoDB tables

Amazon DynamoDB provides a robust foundation, yet data resiliency and security are your responsibility. Let’s delve into the backup and encryption features that are essential for safeguarding your valuable DynamoDB assets.

Backup

Data backup in DynamoDB is an essential practice for safeguarding critical data and ensuring business continuity. DynamoDB offers two types of backup options:

• On-demand backups: This is a user-initiated action that allows for full backups of tables for long-term retention. On-demand backups do not impact table performance and can be useful for scenarios that require immediate backups, such as before making a significant application change. On-demand backups can be retained indefinitely and are ideal for long-term archival to meet compliance requirements.
• Continuous backups: This feature automatically captures changes to data and maintains these backups for 35 days. It allows for point-in-time recovery, making it possible to restore data from any second in the past 35 days. This is particularly useful for safeguarding against accidental writes or deletes.

Encryption

Data security is a non-negotiable aspect of modern databases, and DynamoDB offers robust and straightforward mechanisms to ensure data is encrypted within the table using KMS. When a table is created, the option to enable encryption is available. If this option is selected, all data written on the table, as well as all backups, are encrypted. If a KMS CMK is not specified, DynamoDB will use the default AWS-managed key (aws/dynamodb).