Cloud security remains a paramount concern at AWS. Hence, they are introducing encryption at rest for AWS DynamoDB. While Encryption at rest had already existed for services like SFS and EQS, now it can be used to secure sensitive data in your AWS DynamoDB tables.
To do this, you only need to enable encryption for a new table. DynamoDB will take care of the details for you. You may enable encryption on a new table using the AWS Management Console, API (CreateTable), or CLI (create-table).
Encryption at rest is done using AES-256 and a key from the AWS Key Management System (KMS). This encryption will not add to your storage and will be transparent. It will not interfere with your query, insert, scan and delete item commands. Tests also showed that running with encryption had no impact on latency.
Encryption at rest is now available for use. If you would like to learn how moving your infrastructure to the cloud with AWS DynamoDB can help your business, contact our PolarSeven AWS experts today.