DynamoDB Deep Dive: NoSQL for Software Engineers/

...

/

Demo: Access management

Demo: Access management

Let's learn how to create IAM users.

We'll cover the following...

Policy

We have already learned how to create policies. Before proceeding, we will create the following policy and name it DemoDynamodbPolicy.

Press + to interact
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "dynamodb:GetItem",
                "dynamodb:Query",
                "dynamodb:Scan"
            ],
            "Resource": [
                "arn:aws:dynamodb:*:<AWS Root Account Id>:table/*"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "dynamodb:Describe*",
                "dynamodb:List*"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}

We’ll use the command given below to create the required IAM policy:

Press + to interact
aws iam create-policy \
    --policy-name DemoDynamodbPolicy \
    --policy-document file://usercode/policy.json

Note: If this command throws the following error, An error occurred (AccessDenied) when calling the CreatePolicy operation, we’re not authorized to create an IAM policy. The required policy already exists in our account in ...