Skip to main content

🧠 AWS DynamoDB Table Point In Time Recovery is not enabled - prod.logic.yaml🟒

Uses​

Test Results πŸŸ’β€‹

Generated at: 2026-04-18T12:02:34.246044541Z Open

ResultIdCondition IndexCondition TextRuntime Error
🟒test1βœ”οΈ 299βœ”οΈ CA10__AWS_DynamoDB_Backups__r.has(COMPLIANT) || CA10A1__AWS_Backup_Recovery_Points__r.has(COMPLIANT)βœ”οΈ null
🟒test2βœ”οΈ 399βœ”οΈ extract('CA10__pointInTimeRecoveryStatus__c') == 'DISABLED'βœ”οΈ null
🟒test3βœ”οΈ 199βœ”οΈ extract('CA10__tableStatus__c') != 'ACTIVE'βœ”οΈ null
🟒test4βœ”οΈ 499βœ”οΈ extract('CA10__pointInTimeRecoveryStatus__c') == 'ENABLED'βœ”οΈ null
🟒test5βœ”οΈ 299βœ”οΈ CA10__AWS_DynamoDB_Backups__r.has(COMPLIANT) || CA10A1__AWS_Backup_Recovery_Points__r.has(COMPLIANT)βœ”οΈ null

Generation Bundle​

FileMD5
Open/ce/ca/aws/dynamodb/table-point-in-time-recovery/policy.yaml3E7AC5403389C5EA48E8C0DBB036F85A
Open/ce/ca/aws/dynamodb/table-point-in-time-recovery/prod.logic.yaml81A4B10A0690B951BB9A6303394B2564
Open/ce/ca/aws/dynamodb/table-point-in-time-recovery/test-data.jsonCA228015ECC590C4A5D33855C1B25214
Open/types/CA10__CaAwsDynamoDbBackup__c/object.extracts.yaml7A95CBE1796D4FCEB869F5CDD935E516
Open/types/CA10A1__CaAwsBackupRecoveryPoint__c/object.extracts.yaml03645351ED418265EF3EFF8207F505A7
Open/types/CA10__CaAwsDynamoDbTable__c/object.extracts.yamlEC959FF9A6572890388AA7C1C47122EF

Available Commands​

repo-manager policies generate FULL /ce/ca/aws/dynamodb/table-point-in-time-recovery/prod.logic.yaml
repo-manager policies generate DEBUG /ce/ca/aws/dynamodb/table-point-in-time-recovery/prod.logic.yaml
repo-manager policies generate CAPTURE_TEST_DATA /ce/ca/aws/dynamodb/table-point-in-time-recovery/prod.logic.yaml
repo-manager policies generate TESTS /ce/ca/aws/dynamodb/table-point-in-time-recovery/prod.logic.yaml
# Execute tests
repo-manager policies test /ce/ca/aws/dynamodb/table-point-in-time-recovery/prod.logic.yaml

Content​

Open File

inputType: "CA10__CaAwsDynamoDbTable__c"
testData:
  - file: "test-data.json"
importExtracts:
  - file: /types/CA10__CaAwsDynamoDbTable__c/object.extracts.yaml
conditions:
  - status: "INAPPLICABLE"
    currentStateMessage: "The table is not active."
    check:
      NOT_EQUAL:
        left:
          EXTRACT: "CA10__tableStatus__c"
        right:
          TEXT: "ACTIVE"
  - status: "INAPPLICABLE"
    currentStateMessage: "On-demand backup is enabled for this DynamoDB table."
    check:
      OR:
        args:
          - RELATED_LIST_HAS:
              status: "COMPLIANT"
              relationshipName: "CA10__AWS_DynamoDB_Backups__r"
          - RELATED_LIST_HAS:
              status: "COMPLIANT"
              relationshipName: "CA10A1__AWS_Backup_Recovery_Points__r"
  - status: "INCOMPLIANT"
    currentStateMessage: "Point-in-Time Recovery is not enabled for this DynamoDB table."
    remediationMessage: "Enable point-in-time recovery for the DynamoDB table to allow granular data restoration."
    check:
      IS_EQUAL:
        left:
          EXTRACT: "CA10__pointInTimeRecoveryStatus__c"
        right:
          TEXT: "DISABLED"
  - status: "COMPLIANT"
    currentStateMessage: "Point-in-time recovery is enabled for this DynamoDB table."
    check:
      IS_EQUAL:
        left:
          EXTRACT: "CA10__pointInTimeRecoveryStatus__c"
        right:
          TEXT: "ENABLED"
otherwise:
  status: "UNDETERMINED"
  currentStateMessage: "Unexpected values in the field."
relatedLists:
  - relationshipName: "CA10__AWS_DynamoDB_Backups__r"
    importExtracts:
      - file: /types/CA10__CaAwsDynamoDbBackup__c/object.extracts.yaml
    conditions:
      - status: "INAPPLICABLE"
        currentStateMessage: "The DynamoDB Backup is not available."
        check:
          NOT_EQUAL:
            left:
              EXTRACT: "CA10__status__c"
            right:
              TEXT: "AVAILABLE"
      - status: "INCOMPLIANT"
        currentStateMessage: "The DynamoDB Backup is active but was created more than 90 days ago."
        remediationMessage: "Rotate the DynamoDB backup by creating a new one and deleting the old one."
        check:
          IS_BEYOND_LAST_DAYS:
            offsetDays: 90
            arg:
              EXTRACT: "CA10__creationDateTime__c"
    otherwise: 
      status: "COMPLIANT"
      currentStateMessage: "The backup exists and was created within the last 90 days."
  - relationshipName: "CA10A1__AWS_Backup_Recovery_Points__r"
    importExtracts:
      - file: /types/CA10A1__CaAwsBackupRecoveryPoint__c/object.extracts.yaml
    conditions:
      - status: "INAPPLICABLE"
        currentStateMessage: "The recovery point is not completed or available."
        check:
          AND:
            args:
              - NOT_EQUAL:
                  left:
                    EXTRACT: "CA10A1__status__c"
                  right:
                    TEXT: "COMPLETED"
              - NOT_EQUAL:
                  left:
                    EXTRACT: "CA10A1__status__c"
                  right:
                    TEXT: "AVAILABLE"
      - status: "INCOMPLIANT"
        currentStateMessage: "The recovery point is active but was created more than 90 days ago."
        remediationMessage: "Rotate the backup recovery point by creating a new one and deleting the old one."
        check:
          IS_BEYOND_LAST_DAYS:
            offsetDays: 90
            arg:
              EXTRACT: "CA10A1__creationDate__c"
    otherwise: 
      status: "COMPLIANT"
      currentStateMessage: "The backup recovery point exists."