terraform-aws-control_tower_account_factory
[DynamoDB.2] DynamoDB tables should have point-in-time recovery enabled - Terraform Resource aws_dynamodb_table - lock-table
Describe the outcome you'd like
We would like the DynamoDB Table (specifically the lock-table resource) to have point_in_time_recovery enabled. This will allow us to initially pass the AWS SecurityHub - AWS Foundational Security Best Practices v1.0.0 - [DynamoDB.2] DynamoDB tables should have point-in-time recovery enabled Control.
Is your feature request related to a problem you are currently experiencing? If so, please describe.
Yes, this is currently a feature that I am experiencing with my account. We deployed the AWS Control Tower Account Factory solution within our main AWS account and noticed that the initial finding of DynamoDB.2 was present within the AWS Foundational Security Best Practices v1.0.0 ruleset. This can be solved by enabling the point_in_time_recovery variable within the Terraform code to allow this during initial deployment.
Additional context
N/A
Currently located here within the codebase: https://github.com/aws-ia/terraform-aws-control_tower_account_factory/blob/main/modules/aft-backend/main.tf#L261