Status: IN
DynamoDB global table security governance is fragmented by design: resource-based policies must be independently configured per replica region AND fine-grained access control conditions must explicitly exclude replication service-linked roles — security administration scales linearly with replica count and carries replication-specific exclusion requirements that are easy to miss.