DynamoDB Encryption

DynamoDB Encryption Client

  • It is a software library that helps you to protect your table data before you send it to DynamoDB.

  • It encrypts the attribute values in each table item using a unique encryption key.

  • It then signs the item to protect it against unauthorized changes, such as adding or deleting attributes or swapping encrypted values.

  • After you create and configure the required components, the DynamoDB Encryption Client transparently encrypts and signs your table items when you add them to a table.

  • It also verifies and decrypts them when you retrieve them.

DynamoDB Encryption at Rest

  • All user data stored in DynamoDB is fully encrypted at rest.

  • DynamoDB encryption at rest provides enhanced security by encrypting all your data at rest using encryption keys stored in KMS.

  • This functionality helps reduce the operational burden and complexity involved in protecting sensitive data.

PreviousGlacierNextAWS Secrets Manager

Last updated

Was this helpful?