4.3.3. DynamoDB Encryption and Access Control
First Principle: DynamoDB encryption at rest and granular IAM access control fundamentally protect sensitive data in NoSQL tables, ensuring data confidentiality and integrity with high scalability.
Amazon DynamoDB is a fully managed NoSQL database service designed for high performance and scalability. Securing data in DynamoDB involves both encryption and precise access control.
Key Concepts of DynamoDB Encryption and Access Control:
- Encryption at Rest:
  - Concept: DynamoDB automatically encrypts all data at rest by default.
  - Key Management: You have options for managing the encryption keys:
    - AWS owned keys: Default and simplest.
    - AWS managed keys (AWS KMS): Uses a default AWS KMS key for DynamoDB.
    - Customer Managed Keys (CMKs) in KMS: Provides the highest level of control and auditability for your encryption keys, ideal for sensitive data and compliance.
- Access Control:
  - IAM Policies: The primary method for controlling access to DynamoDB tables. You define IAM policies (attached to IAM users, groups, or roles) that specify which actions (DynamoDB API operations like GetItem, PutItem) are allowed on which DynamoDB tables or specific items.
  - Principle of Least Privilege: Grant only the specific permissions needed (e.g., dynamodb:GetItem on TableA for a particular application).
  - Condition Keys: Add fine-grained conditions to policies (e.g., allow access only from a specific source IP, or based on item attributes).
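The access-control points above, shown as an added example (not part of the original guide): an over-broad DynamoDB policy beside a least-privilege one, with a small audit function that flags wildcard actions, wildcard resources, and missing conditions. The account ID, region, CIDR range, and the customer_id principal tag are constructed placeholders; TableA is the table name used above.

```python
# Constructed sample policies: account ID, region, table name, CIDR and tag name are placeholders.
TABLE_ARN = "arn:aws:dynamodb:us-east-1:111122223333:table/TableA"

WEAK_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": "dynamodb:*", "Resource": "*"}],
}

HARDENED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": ["dynamodb:GetItem", "dynamodb:PutItem"],  # only what the app calls
        "Resource": TABLE_ARN,                                # one named table
        "Condition": {
            # Source-IP restriction on the caller.
            "IpAddress": {"aws:SourceIp": "203.0.113.0/24"},
            # Item-level restriction: partition key must match the role's customer_id tag.
            "ForAllValues:StringEquals": {
                "dynamodb:LeadingKeys": ["${aws:PrincipalTag/customer_id}"]
            },
        },
    }],
}

def _as_list(value):
    """IAM allows a single string or a list for Action and Resource."""
    return value if isinstance(value, list) else [value]

def audit(policy):
    """Return (statement index, finding, value) tuples for Allow statements."""
    findings = []
    for i, stmt in enumerate(_as_list(policy["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue
        for action in _as_list(stmt.get("Action", [])):
            if "*" in action:
                findings.append((i, "wildcard-action", action))
        for resource in _as_list(stmt.get("Resource", [])):
            if "*" in resource:  # any wildcard widens scope beyond one named table
                findings.append((i, "wildcard-resource", resource))
        if not stmt.get("Condition"):
            findings.append((i, "no-condition", ""))
    return findings

if __name__ == "__main__":
    for name, policy in (("weak", WEAK_POLICY), ("hardened", HARDENED_POLICY)):
        print(name, audit(policy))
```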
Scenario: You need to store sensitive customer data in an Amazon DynamoDB table. You want to ensure this data is encrypted at rest using your own KMS key for auditability, and only specific IAM roles (used by your application) can read and write to the table.
Reflection Question: How do DynamoDB encryption at rest (with KMS CMKs) and granular IAM access control (via IAM policies with least privilege) fundamentally protect sensitive data in NoSQL tables, ensuring data confidentiality and integrity with high scalability?