In AWS, Can we use only one customer managed key to two different dynamodb table? Is it good practice?

Question

DynamoDbTableKmsKey:
    Type: AWS::KMS::Key

Table1:
    Type: AWS::DynamoDB::Table
    Properties:
      SSESpecification:
        SSEEnabled: True
        SSEType: KMS
        KMSMasterKeyId: !Ref DynamoDbTableKmsKey

Table2:
    Type: AWS::DynamoDB::Table
    Properties:
      SSESpecification:
        SSEEnabled: True
        SSEType: KMS
        KMSMasterKeyId: !Ref DynamoDbTableKmsKey

I've been looking on the aws documentation but I cannot see if it is not a good idea or a good practice or if it is possible.

Thank you very much

Yes, you can. Nothing wrong with it. – Marcin Aug 16 '23 at 06:35 — Marcin, Aug 16 '23 at 06:35

score 0 · Answer 1 · answered Aug 16 '23 at 12:59

0

Yes you can use the same key for multiple tables, and there is nothing wrong with doing so as you can define a fine grained policy on the key which can limit the access to each table independently.

answered Aug 16 '23 at 12:59

Leeroy Hannigan

11,409
3
14
31

In AWS, Can we use only one customer managed key to two different dynamodb table? Is it good practice?

1 Answers1