Protecting Data in Transit to Amazon DynamoDB

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

If you're connecting to DynamoDB from other services from AWS in the same region, you can rely on the security of the AWS network, but if you're connecting to DynamoDB across the Internet, you should use HTTP over SSL/TLS (HTTPS) to connect to DynamoDB service endpoints.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Avoid using HTTP for access to DynamoDB, and for all connections across the Internet.

See Also

https://d1.awsstatic.com/whitepapers/Security/AWS_Security_Best_Practices.pdf

Item Details

Category: ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION, PHYSICAL AND ENVIRONMENTAL PROTECTION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

References: 800-53|AC-2, 800-53|AC-3, 800-53|AC-4, 800-53|AC-6, 800-53|AC-11, 800-53|AC-18, 800-53|AU-13, 800-53|IA-3, 800-53|IA-7, 800-53|PE-19, 800-53|SA-8, 800-53|SC-7, 800-53|SC-8, 800-53|SC-9, 800-53|SC-13, 800-53|SC-16, 800-53|SC-23, 800-53|SC-28, 800-53|SI-7, 800-53|SI-8

Plugin: amazon_aws

Control ID: 7bedc20c5b9a612809ad75fc595c7d62b2d6242b28d07866dcc90bb8c2b2f67c