Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature Request: AWS DynamoDB Tables using AWS-managed encryption keys #1625

Open
rdegraaf-ncc3 opened this issue Apr 15, 2024 · 0 comments
Open

Feature Request: AWS DynamoDB Tables using AWS-managed encryption keys #1625

rdegraaf-ncc3 opened this issue Apr 15, 2024 · 0 comments
Labels
enhancement New feature or request

Comments

@rdegraaf-ncc3
Copy link
Contributor

Is your feature request related to a problem? Please describe.

AWS DynamoDB can perform server-side encryption using either AWS-managed keys or KMS CMKs. KMS is the preferred approach as it allows control over access to the keys and provides an extra layer of security against accidental data exposure.

Describe the solution you'd like

ScoutSuite should check that all DynamoDB tables are using customer-managed KMS encryption. The encryption settings can be retrieved using the following AWS CLI command:

 aws dynamodb describe-table --table <table>

Documentation: https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/EncryptionAtRest.html

Describe alternatives you've considered

N/A

Additional context

N/A
@rdegraaf-ncc3 rdegraaf-ncc3 added the enhancement New feature or request label Apr 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@rdegraaf-ncc3