Peter Moberg
Reputation: 3098
Grant permissions "per user" in DynamoDB?
I want to segregate access in DynamoDB per user. Basically the user should be able to create, query and delete tables (full read/write), but only tables created by him.
In a traditional database this would mean granting all rights for database X to user A, and all rights to database Y to user B.
How can I setup this in DynamoDB with IAM rights?
Upvotes: 0
Views: 575
Answers (1)
Shibashis
Reputation: 8421
You can segregate the database tables to an user by setting an IAM policy like
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "allowallaccess",
"Effect": "Allow",
"Action": [
"dynamodb:*"
],
"Resource": [
"arn:aws:dynamodb:us-west-2:123456789012:table/user_*"
]
}
]
}
Upvotes: 2
Related Questions
- AWS DynamoDB with Cognito user-scoped access?
- How can I access DynamoDB table from AccountA with using AccountB's User CLI credentials?
- Multiple Applications and DynamoDB, Ideal way to configure?
- Grant one IAM role access to a large number of DynamoDB tables
- What is the access control model for DynamoDB?
- "aws dynamodb list-tables" is not working on ec2 instance
- Issue binding API Gateway to DynamoDB
- AWS DynamoDB permissions - getting error when user queries database
- what the ideal way to query dynamoDB from web app?