Description

To reduce your AWS bill and mitigate the risk of unauthorized access, you should locate any unused Amazon DynamoDB tables within your AWS account and delete them. A DynamoDB table is considered unused when its "TableSizeBytes" parameter, which indicates the total size of a specified table, in bytes, is equal to 0 (zero).‍

Remediation

Here are the steps you can follow to remediate unused Amazon DynamoDB tables:

  1. Identify unused tables: Determine which tables are unused by checking their "ItemCount" parameter. Any table with a value of 0 (zero) for this parameter is considered unused.
  2. Back up the data: Before deleting an unused table, make sure to back up any important data that may be stored in it.
  3. Delete the table: Once you have backed up the data, delete the table from your AWS account.
  4. Review other resources: Review other resources associated with the deleted table, such as IAM roles and policies, CloudWatch alarms, and AWS Lambda functions. Update or delete them as needed.
  5. Repeat the process: Regularly review your AWS account for unused DynamoDB tables and repeat the process as necessary.

By following these steps, you can reduce the cost of your AWS bill and mitigate the risk of unauthorized access to your unused DynamoDB tables.

Enforced Resources
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.