⭐ Repository → 📁 Compliance Engine → 📁 CloudAware → 📁 AWS → 📁 DynamoDB

🛡️ AWS DynamoDB Table is located in a less cost-effective region🟢

• Contextual name: 🛡️ Table is located in a less cost-effective region🟢
• ID: /ce/ca/aws/dynamodb/table-cost-effective-region
• Tags:
  • 🟢 Policy with categories
  • 🟢 Policy with type
  • 🟢 Production policy
• Policy Type: BEST_PRACTICE
• Policy Categories: COST

Logic

• 🧠 prod.logic.yaml🟢
  • 📗 AWS DynamoDB Table
  • 🔌 AWS DynamoDB Table - object.extracts.yaml
  • 🧪 test-data.json

Description

Open File

Description

This policy identifies AWS DynamoDB Tables that are provisioned in regions with higher pricing compared to nearby alternatives.

Rationale

DynamoDB pricing varies across AWS regions, particularly for read and write requests. Running workloads in higher-cost regions can significantly increase operational expenses without providing additional benefits, unless the region is specifically required for latency optimization, compliance, or data residency. Identifying these tables enables organizations to evaluate whether migrating them to more cost-efficient regions is feasible, potentially resulting in substantial savings.

Impact

Migrating DynamoDB workloads to different regions requires careful planning to avoid service disruptions and to ensure latency, compliance, and data sovereignty requirements are maintained.

Audit

This policy flagged an AWS DynamoDB Table as INCOMPLIANT if it is ACTIVE in one of the following regions identified as less cost-efficient:

| Region | Recommended Alternative |

... see more

Remediation

Open File

Remediation

To reduce operational costs, migrate DynamoDB tables from higher-cost regions to more cost-efficient alternatives. DynamoDB does not support direct table moves across regions. The recommended approaches are:

• DynamoDB Global Tables
• Point-in-Time Recovery (PITR)

Migrate Using DynamoDB Global Tables

1. Enable streams on the existing table:

aws dynamodb update-table \
    --table-name {{table-name}} \
    --stream-specification StreamEnabled=true,StreamViewType=NEW_AND_OLD_IMAGES

2. Add replication to a new region:

aws dynamodb update-table --table-name {{table-name}} --cli-input-json \
'{
  "ReplicaUpdates":
  [
    {
      "Create": {
        "RegionName": "{{target-region}}"
      }
    }
  ]
}' \
--region region

3. Once data is synchronized, update applications to use the new region and optionally remove the old replica:

aws dynamodb update-table --table-name {{table-name}} --cli-input-json \
'{
  "ReplicaUpdates":
  [
    {
      "Delete": {
        "RegionName": "{{source-region}}"
      }

... [see more](remediation.md)

policy.yaml

Open File

Linked Framework Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 Cloudaware Framework → 💼 Resource Optimization			23		no data