Links

AWS QLDB

Best practices and references below are based on published guidance from the cloud service provider and may reference native capabilities the cloud service provider offers. If you are not using the native security capabilities, the same security requirement can be met using other security capabilities your organization utilizes

Access Control Policy

Design Guidance:

AWS::QLDB::Ledger

Permissions Mode
Terraform

AWS::QLDB::Stream

Role Arn

Design for High Availability

Design Guidance:

AWS::QLDB::Ledger

Deletion Protection
Terraform

Asset Inventory

Design Guidance:

AWS::QLDB::Ledger

Tags
Terraform
Name
Terraform

AWS::QLDB::Stream

Ledger Name
Stream Name
Tags

Data Minimization

Design Guidance:

AWS::QLDB::Stream

Inclusive Start Time
Exclusive End Time

Minimize Data Collection

Design Guidance:

AWS::QLDB::Stream

Kinesis Configuration-Aggregation Enabled