Encrypt your Amazon DynamoDB data by using your own encryption keys

Amazon DynamoDB is a fully managed, nonrelational database that delivers reliable performance at any scale. DynamoDB encrypts all your data at rest by default with an AWS owned customer master key (CMK), unless you opt to use a AWS managed CMK. Starting today, you also can use customer managed CMKs, which means you can have full control over how you encrypt and manage the security of your DynamoDB data.

Source:: Amazon AWS