AWS Database Encryption SDK for Amazon DynamoDB In Preview
Written by Nikos Vaggalis   
Monday, 24 July 2023

AWS Database Encryption SDK is an upgrade to the existing Amazon DynamoDB Encryption Client, that enables attribute level encryption of DynamoDB workloads client-side.

DynamoDB has always had server-side encryption to ensure your data was encrypted at rest. This new SDK enables client- side encryption too, allowing you to protect the data in transit before it even leaves its origin. Previously, if you wanted client-side encryption you had to provision your own solution in your applications. With the SDK that's a thing of the past.

As far as Attribute-level encryption goes, this refers to the process of encrypting individual attributes or fields within a larger data structure or object. It allows for more granular control over the encryption of sensitive data, as different attributes can have different encryption keys and access policies. For example, in Amazon FinSpace, attribute sets are used to describe datasets, and attributes within these sets help capture additional business context for each dataset. This allows for better search results and metadata quality. Similarly, in Amazon GameLift's FlexMatch, player attributes can be declared within a rule set, which can then be used to pass information to the game session.

That aside, it also lets you easily search on encrypted attributes without decrypting the entire database beforehand. This lets you find the right information quickly while your data remains securely encrypted within the database.

Moreover,it has also been designed with multi-tenancy in mind, meaning that you can have multiple Key Management Service providers encrypting different parts of the same table as well as using KMS key policies to enforce clear separation between the authorized users who can access specific encrypted attributes and those who cannot.

The SDK is available for Java, and in order to use it, you must have:

  • A Java 8 or newer development environment.
  • Declare a Dependency on the DB-ESDK for DynamoDB in Java and it's dependencies, via Gradle or Maven.
  • the DynamoDB client from the AWS SDK for Java V2 and the AwsCryptographicMaterialProviders library.
  • An Amazon Web Services (AWS) account to use the DB-ESDK for DynamoDB as it's specifically designed to work with Amazon DynamoDB.

Optionally, you can use AWS Key Management Service (AWS KMS) as your main keyring provider.

 newawslogo

More Information

AWS Database Encryption SDK for DynamoDB in Java
Announcing preview of the AWS Database Encryption SDK for Amazon DynamoDB

Related Articles 

AWS Lambda Adopts Python 3.10

AWS Lambda Adopts Java 17

 

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on Twitter, Facebook or Linkedin.

Banner

Amazon Bedrock Adds Support For Anthropic's Claude3 Opus
14/05/2024

Bedrock, Amazon's fully managed service for building generative AI applications, has been enhanced with support for Anthropic's Claude 3 Opus Foundation Model.


+ Full Story
Hydraulic Atlas Bows Out, Welcome Electric Atlas
21/04/2024

Boston Dynamics dismayed us at the beginning of the week with a video that suggested was discontinuing Atlas, its humanoid robot. Fast forward a day and its successor was unveiled. Designed to be even [ ... ]


+ Full Story
More News

raspberry pi books

 

Comments




or email your comment to: comments@i-programmer.info