Medium DynamoDB Regional

DynamoDB Accelerator clusters should be encrypted in transit

NIST 800-53, PCI DSS v4.0.1, ISO 27001, HIPAA

Description

Checks whether an Amazon DynamoDB Accelerator (DAX) cluster is encrypted in transit, with the endpoint encryption type set to TLS. HTTPS (TLS) is recommended to prevent potential attackers from using person-in-the-middle or similar attacks to eavesdrop on or manipulate network traffic. Only encrypted connections over TLS should be allowed to access DAX clusters.


Remediation

To remediate this issue, enable TLS encryption for your DAX clusters to ensure data is encrypted in transit.

Steps

  1. Go to the AWS DynamoDB Accelerator (DAX) console
  2. Select the cluster that needs encryption enabled
  3. Go to the 'Configuration' tab
  4. Enable 'TLS encryption' for the cluster
  5. Save the changes and wait for the cluster to update
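To confirm the setting across a region, the check described above can be reproduced against the DAX `DescribeClusters` output. The following is an added example, not part of the original rule; the cluster names are constructed sample data, and treating a missing `ClusterEndpointEncryptionType` field as a failure is an assumption of this example.

```python
"""Flag DAX clusters whose endpoint encryption type is not TLS."""


def evaluate_clusters(clusters):
    """Return one finding per entry of a DescribeClusters 'Clusters' list."""
    findings = []
    for cluster in clusters:
        # Assumption: a missing field is treated as unencrypted (fail closed).
        enc = cluster.get("ClusterEndpointEncryptionType", "NONE")
        findings.append({
            "cluster": cluster.get("ClusterName", "<unnamed>"),
            "encryption_type": enc,
            "status": "PASS" if enc == "TLS" else "FAIL",
        })
    return findings


def list_clusters(region):
    """Fetch every DAX cluster in one region (needs boto3 and AWS credentials)."""
    import boto3  # imported here so the evaluation logic runs offline

    client = boto3.client("dax", region_name=region)
    clusters, token = [], None
    while True:
        # DescribeClusters is paginated through NextToken.
        kwargs = {"NextToken": token} if token else {}
        page = client.describe_clusters(**kwargs)
        clusters.extend(page.get("Clusters", []))
        token = page.get("NextToken")
        if not token:
            return clusters


# Constructed sample shaped like DescribeClusters output (not real data).
SAMPLE_CLUSTERS = [
    {"ClusterName": "orders-cache", "ClusterEndpointEncryptionType": "TLS"},
    {"ClusterName": "sessions-cache", "ClusterEndpointEncryptionType": "NONE"},
    {"ClusterName": "legacy-cache"},  # field absent in the response
]

if __name__ == "__main__":
    for f in evaluate_clusters(SAMPLE_CLUSTERS):
        print(f"{f['status']}  {f['cluster']}  ({f['encryption_type']})")
```

Because the check is regional, call `evaluate_clusters(list_clusters(region))` once per region in use.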

Compliance

NIST 800-53, PCI DSS v4.0.1, ISO 27001, HIPAA