Json Yaml Missing Point In Time Recovery
Description
Identifies AWS DynamoDB tables defined in CloudFormation templates that do not have Point-in-Time Recovery (PITR) enabled. PITR keeps continuous backups of the table and lets you restore it to any second within its retention window (up to 35 days). Without it, an accidental or malicious write, delete or destructive deployment can only be undone from an on-demand backup taken beforehand, if one exists, so the data is lost in a disaster recovery scenario.
Detection Strategy
• Scan CloudFormation template files for DynamoDB table resource definitions (Type: AWS::DynamoDB::Table)
• Check if the table resource properties include PointInTimeRecoverySpecification configuration
• Report a vulnerability if Point-in-Time Recovery is either not configured or explicitly set to false
• Ignore DynamoDB table resources that have Point-in-Time Recovery enabled (PointInTimeRecoveryEnabled: true)
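The strategy above, written out as a stand-alone checker. This is an added example, not the scanner Fluid Attacks runs: it parses a template given as YAML or JSON, tolerates CloudFormation short-form intrinsics such as !Ref and !Sub (PyYAML is assumed for YAML input), and classifies every AWS::DynamoDB::Table as enabled, missing (no PointInTimeRecoverySpecification), disabled (flag absent or false) or undetermined (the flag is an intrinsic that a static scan cannot resolve, so it is reported for review rather than silently accepted). The template and its resource names are constructed for the example.

```python
"""Report AWS::DynamoDB::Table resources whose Point-in-Time Recovery is not
enabled, in a CloudFormation template given as YAML or JSON text.
Illustrative checker (added example), not the scanner described on this page."""
import json
from typing import Any, Dict, List, Tuple

try:
    import yaml  # PyYAML, assumed available for YAML templates; JSON needs nothing extra
except ImportError:
    yaml = None

YAML_AVAILABLE = yaml is not None

if YAML_AVAILABLE:

    class CfnLoader(yaml.SafeLoader):
        """SafeLoader that accepts CloudFormation short-form intrinsics (!Ref, !Sub, ...)."""

    def _intrinsic(loader, suffix: str, node) -> Dict[str, Any]:
        # "!Ref X" becomes {"Ref": "X"} and "!Sub ..." becomes {"Fn::Sub": ...}, the
        # long form a JSON template uses, so the checks below see a single shape.
        key = "Ref" if suffix == "Ref" else f"Fn::{suffix}"
        if isinstance(node, yaml.ScalarNode):
            value: Any = loader.construct_scalar(node)
        elif isinstance(node, yaml.SequenceNode):
            value = loader.construct_sequence(node, deep=True)
        else:
            value = loader.construct_mapping(node, deep=True)
        return {key: value}

    CfnLoader.add_multi_constructor("!", _intrinsic)


def load_template(text: str) -> Dict[str, Any]:
    """Parse as JSON when the document starts with '{', otherwise as YAML."""
    if text.lstrip().startswith("{"):
        return json.loads(text)
    if not YAML_AVAILABLE:
        raise RuntimeError("PyYAML is needed to parse YAML templates")
    return yaml.load(text, Loader=CfnLoader)


def pitr_status(properties: Dict[str, Any]) -> str:
    """'enabled', 'missing' (no spec block), 'disabled' (flag absent or false) or
    'undetermined' (flag is an intrinsic such as !Ref: a static scan cannot prove it
    true, so resolve the parameter or review it by hand)."""
    spec = properties.get("PointInTimeRecoverySpecification")
    if not isinstance(spec, dict):
        return "missing"
    flag = spec.get("PointInTimeRecoveryEnabled")
    if isinstance(flag, dict):
        return "undetermined"
    # CloudFormation accepts a boolean or the strings "true"/"false" for this flag.
    if flag is True or flag == "true":
        return "enabled"
    return "disabled"


def find_tables_without_pitr(template_text: str) -> List[Tuple[str, str]]:
    """Return (logical id, status) for every DynamoDB table not proven enabled."""
    template = load_template(template_text)
    findings: List[Tuple[str, str]] = []
    resources = template.get("Resources") if isinstance(template, dict) else None
    for logical_id, resource in (resources or {}).items():
        if not isinstance(resource, dict) or resource.get("Type") != "AWS::DynamoDB::Table":
            continue
        status = pitr_status(resource.get("Properties") or {})
        if status != "enabled":
            findings.append((logical_id, status))
    return findings


# Constructed sample template: the four outcomes plus a non-table resource using !Sub.
SAMPLE_YAML = """\
Parameters:
  EnablePitr: {Type: String, Default: "true"}
Resources:
  MissingTable:
    Type: AWS::DynamoDB::Table
    Properties:
      KeySchema: [{AttributeName: id, KeyType: HASH}]
      AttributeDefinitions: [{AttributeName: id, AttributeType: S}]
      BillingMode: PAY_PER_REQUEST
  DisabledTable:
    Type: AWS::DynamoDB::Table
    Properties:
      KeySchema: [{AttributeName: id, KeyType: HASH}]
      AttributeDefinitions: [{AttributeName: id, AttributeType: S}]
      PointInTimeRecoverySpecification: {PointInTimeRecoveryEnabled: false}
  ParamTable:
    Type: AWS::DynamoDB::Table
    Properties:
      KeySchema: [{AttributeName: id, KeyType: HASH}]
      AttributeDefinitions: [{AttributeName: id, AttributeType: S}]
      PointInTimeRecoverySpecification:
        PointInTimeRecoveryEnabled: !Ref EnablePitr
  GoodTable:
    Type: AWS::DynamoDB::Table
    Properties:
      KeySchema: [{AttributeName: id, KeyType: HASH}]
      AttributeDefinitions: [{AttributeName: id, AttributeType: S}]
      PointInTimeRecoverySpecification: {PointInTimeRecoveryEnabled: true}
  Backups:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: !Sub "${AWS::StackName}-backups"
"""

# Constructed JSON template; here the flag is the string "false".
SAMPLE_JSON = json.dumps({"Resources": {"Orders": {
    "Type": "AWS::DynamoDB::Table",
    "Properties": {
        "KeySchema": [{"AttributeName": "id", "KeyType": "HASH"}],
        "AttributeDefinitions": [{"AttributeName": "id", "AttributeType": "S"}],
        "PointInTimeRecoverySpecification": {"PointInTimeRecoveryEnabled": "false"}}}}})

if __name__ == "__main__":
    for template in (SAMPLE_YAML, SAMPLE_JSON):
        for logical_id, status in find_tables_without_pitr(template):
            print(f"{logical_id}: Point-in-Time Recovery {status}")
```

The loader rewrites short-form tags into the long form instead of dropping them, so a value that depends on a parameter or condition is visible as a dict and lands in the undetermined bucket; treating it as enabled would let a template pass the scan while the deployed stack has PITR off.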
Vulnerable code example
Resources:
  MyDynamoDBTable:
    Type: AWS::DynamoDB::Table
    Properties:
      DeletionProtectionEnabled: true
      KeySchema:
        - AttributeName: id
          KeyType: HASH
      AttributeDefinitions:
        - AttributeName: id
          AttributeType: S
      BillingMode: PAY_PER_REQUEST
      # No PointInTimeRecoverySpecification: continuous backups are off,
      # so deletion protection alone does not guard against bad writes or deletes.
✅ Secure code example
Resources:
  MyDynamoDBTable:
    Type: AWS::DynamoDB::Table
    Properties:
      DeletionProtectionEnabled: true
      KeySchema:
        - AttributeName: id
          KeyType: HASH
      AttributeDefinitions:
        - AttributeName: id
          AttributeType: S
      BillingMode: PAY_PER_REQUEST
      # Continuous backups; the table can be restored to any point in the retention window.
      PointInTimeRecoverySpecification:
        PointInTimeRecoveryEnabled: true