Amazon DynamoDB is a fully managed, multi-region, multi-master database that by default encrypts all your data at rest to help enhance the security of your DynamoDB data. You can use the default encryption, the AWS owned customer master key (CMK), or the AWS managed CMK to encrypt all your data. DynamoDB now has added support to enable you to switch encryption keys, between the AWS owned CMK and AWS managed CMK, without having to make any code or application modifications to encrypt your data.