based on docs, AWS DynamoDB is automatically encrypted your data as default (but RDS you must turn on this feature by your self)
ref: https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/EncryptionAtRest.html
ref: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.Encryption.html#Overview.Encryption.Determining
Under the AWS Shared Responsibility Model, the customer's responsibilities when using Amazon DynamoDB include:
C. Access to DynamoDB tables
The customer is responsible for managing and controlling access to their DynamoDB tables. This includes defining appropriate permissions, user access control, and authentication mechanisms to ensure that only authorized users or services can access the tables.
The other options are not customer responsibilities:
D. Encryption of data at rest in DynamoDB: AWS provides encryption of data at rest as a built-in feature for DynamoDB. The customer can enable encryption for their tables, but AWS handles the actual implementation and management of the encryption process.
Therefore, the correct customer responsibility is C. Access to DynamoDB tables.
based on docs, AWS DynamoDB is automatically encrypted your data as default (but RDS you must turn on this feature by your self)
ref: https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/EncryptionAtRest.html
Under the AWS Shared Responsibility Model, the responsibility for certain aspects of a service is divided between AWS and the customer. Regarding Amazon DynamoDB:
The customer is responsible for:
C. Access to DynamoDB tables
This means that the customer is responsible for managing and controlling access to their DynamoDB tables, including setting up appropriate IAM (Identity and Access Management) permissions and policies.
AWS is responsible for:
A. Physical security of DynamoDB
B. Patching of DynamoDB
D. Encryption of data at rest in DynamoDB
AWS takes care of the physical infrastructure, patches and updates the DynamoDB service, and provides encryption mechanisms for data at rest. It's important for customers to be aware of their responsibilities and configure access controls accordingly to ensure the security of their DynamoDB tables.
C. Access to DynamoDB tables
This means that customers are responsible for managing access control to their DynamoDB tables, including configuring IAM policies, roles, and permissions to ensure that only authorized users or services can interact with the tables. This responsibility involves setting up appropriate authentication and authorization mechanisms to protect the data stored in DynamoDB from unauthorized access.
C. Access to DynamoDB tables
The customer is responsible for managing access control to their DynamoDB tables, including defining permissions, roles, and policies to control who can access the tables and what actions they can perform. This involves setting up appropriate IAM policies and roles to restrict access to authorized users and applications while adhering to security best practices.
Customers are responsible for managing their data (including encryption options), classifying their assets, and using IAM tools to apply the appropriate permissions.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
James_Srm
Highly Voted 12 months agogoushaa
Highly Voted 4 months, 2 weeks agoCollinsk
Most Recent 1 week agoFrankdespi
2 weeks, 4 days agoguilherme_tambelini
4 weeks, 1 day agoDurella
1 month, 3 weeks agoShaiTay
2 months, 3 weeks agonigol
4 months, 1 week agoTheFivePips
4 months, 2 weeks ago[Removed]
4 months, 4 weeks agoNIREI_AKANE
8 months agolucaschen9511
8 months, 2 weeks agochalaka
9 months, 2 weeks agoItzmelakshmikanth3108
10 months, 2 weeks agoFrank3108
11 months agobd29
11 months, 2 weeks agoLinuxChamp
11 months, 3 weeks ago