:PROPERTIES: :ID: ab2d34bf-97b1-4e50-8e9a-597d0f8fcf01 :END: #+title: DynamoDB IAM Policies #+caption: DynamoDB access for the k8s-labs-application role #+begin_src json { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "dynamodb:ListTables", "Resource": "*" }, { "Effect": "Allow", "Action": [ "dynamodb:BatchGetItem", "dynamodb:BatchWriteItem", "dynamodb:ConditionCheckItem", "dynamodb:PutItem", "dynamodb:DeleteItem", "dynamodb:Scan", "dynamodb:Query", "dynamodb:UpdateItem", "dynamodb:DescribeTimeToLive", "dynamodb:CreateTable", "dynamodb:DescribeTable", "dynamodb:GetItem", "dynamodb:UpdateTable" ], "Resource": [ "arn:aws:dynamodb:*:018154689201:table/*-webhook-callbacks/index/*", "arn:aws:dynamodb:*:018154689201:table/*-webhook-callbacks" ] }, { "Effect": "Allow", "Action": [ "dynamodb:BatchGetItem", "dynamodb:BatchWriteItem", "dynamodb:ConditionCheckItem", "dynamodb:PutItem", "dynamodb:DeleteItem", "dynamodb:Scan", "dynamodb:Query", "dynamodb:UpdateItem", "dynamodb:DescribeTimeToLive", "dynamodb:CreateTable", "dynamodb:DescribeTable", "dynamodb:GetItem", "dynamodb:UpdateTable" ], "Resource": [ "arn:aws:dynamodb:*:018154689201:table/*-webhooks", "arn:aws:dynamodb:*:018154689201:table/*-webhooks/index/*" ] } ] } #+end_src - [[https://docs.amazonaws.cn/en_us/amazondynamodb/latest/developerguide/access-control-overview.html][Overview of Managing Access Permissions to Your Amazon DynamoDB Resources]] - [[https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/api-permissions-reference.html][DynamoDB API Permissions: Actions, Resources, and Conditions Reference]]