Vendor services misconfigurations

DynamoDB table auto scaling is disabled

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

Amazon DynamoDB auto scaling uses the AWS Application Auto Scaling service to dynamically alter provisioned throughput capacity, instead of the customer actual traffic patterns. This allows a table or global secondary index to increase its provisioned read and write capacity to handle spikes in traffic without throttling. When the workload decreases, Application Auto Scaling reduces throughput so the customer doesn't have to pay for unused provisioned capacity. This mode is called provision mode, the other mode is on-demand mode. In this mode the customer pay for on demand actual reads and writes occur at the DynamoDB table. We have found that DynamoDB table is in provisioned mode and auto scaling for capacity is not enabled. In this case the capacity won't match the real time demand and can cause insufficient capacity or much higher costs.

  • Recommended Mitigation

    It is recommended to consider to enable Amazon DynamoDB table to update provision mode to be with auto scaling for capacity enabled or change to on-demand mode. It will help to scale the table for the needed capacity automatically and also will help to reduce costs.

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.