How to run DynamoDB web service?

Question

Have been reading aws guidelines for a while, but still cannot run a dynamoDB webservice. Already have a working codebase, just need to run a webservice and get access keys and endpoint url. The only button amazon shows is Create table, which I do not need as I create them from code.

Answer 1

First thing, the endpoints to access dynamoDB are regional and don't depend on the table name, you can find them here https://docs.aws.amazon.com/general/latest/gr/rande.html

Second thing, if you create tables and access them from the same application (running on AWS) you should use AWS roles and make sure you give the right permissions to the IAM policy associated with the role, if you're creating the tables from one specific service and accessing them from different services than you need to make sure every service has the right role and, again IAM policy associated to the role, finally if you're accessing them with different users you need to make sure those users have an associeted IAM policy that gives them access.

If you don't want to create a big amount of policies and you don't want to modified them when you create new resources you can use a prefix for the name of your tables such as app_a_... and in the policies give access to the right subset of resources using the same prefix for example

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "accessToAppAtables",
            "Effect": "Allow",
            "Action": "dynamodb:*",
            "Resource": "arn:aws:dynamodb:<REGION>:<ACCOUNT_ID>:table/app_a_*"
        }
    ]
}

Refer this document.