DynamoDB Tutorial
DynamoDB Useful Resources
Selected Reading
选读
- DynamoDB - Best Practices
- DynamoDB - Error Handling
- DynamoDB - Table Activity
- DynamoDB - MapReduce
- DynamoDB - CloudTrail
- DynamoDB - Monitoring
- DynamoDB - Data Backup
- DynamoDB - Data Pipeline
- Web Identity Federation
- DynamoDB - Conditions
- DynamoDB - Permissions API
- DynamoDB - Access Control
- DynamoDB - Aggregation
- Local Secondary Indexes
- Global Secondary Indexes
- DynamoDB - Indexes
- DynamoDB - Scan
- DynamoDB - Querying
- DynamoDB - Batch Retrieve
- DynamoDB - Batch Writing
- DynamoDB - Delete Items
- DynamoDB - Update Items
- DynamoDB - Getting Items
- DynamoDB - Creating Items
- DynamoDB - API Interface
- DynamoDB - Delete Table
- DynamoDB - Query Table
- DynamoDB - Load Table
- DynamoDB - Create Table
- DynamoDB - Data Types
- DynamoDB - Operations Tools
- DynamoDB - Environment
- DynamoDB - Basic Concepts
- DynamoDB - Overview
- DynamoDB - Home
DynamoDB Useful Resources
Selected Reading
- Computer Glossary
- HR Interview Questions
- Effective Resume Writing
- Questions and Answers
- UPSC IAS Exams Notes
选读
DynamoDB - Permissions API
DynamoDB - Permissions API
DynamoDB API offers a large set of actions, which require permissions. In setting permissions, you must estabpsh the actions permitted, resources permitted, and conditions of each.
You can specify actions within the Action field of the popcy. Specify resource value within the Resource field of the popcy. But do ensure that you use the correct syntax containing the Dynamodb: prefix with the API operation.
For example − dynamodb:CreateTable
You can also employ condition keys to filter permissions.
Permissions and API Actions
Take a good look at the API actions and associated permissions given in the following table −
| API Operation | Necessary Permission |
|---|---|
| BatchGetItem | dynamodb:BatchGetItem |
| BatchWriteItem | dynamodb:BatchWriteItem |
| CreateTable | dynamodb:CreateTable |
| DeleteItem | dynamodb:DeleteItem |
| DeleteTable | dynamodb:DeleteTable |
| DescribeLimits | dynamodb:DescribeLimits |
| DescribeReservedCapacity | dynamodb:DescribeReservedCapacity |
| DescribeReservedCapacityOfferings | dynamodb:DescribeReservedCapacityOfferings |
| DescribeStream | dynamodb:DescribeStream |
| DescribeTable | dynamodb:DescribeTable |
| GetItem | dynamodb:GetItem |
| GetRecords | dynamodb:GetRecords |
| GetShardIterator | dynamodb:GetShardIterator |
| ListStreams | dynamodb:ListStreams |
| ListTables | dynamodb:ListTables |
| PurchaseReservedCapacityOfferings | dynamodb:PurchaseReservedCapacityOfferings |
| PutItem | dynamodb:PutItem |
| Query | dynamodb:Query |
| Scan | dynamodb:Scan |
| UpdateItem | dynamodb:UpdateItem |
| UpdateTable | dynamodb:UpdateTable |
Resources
In the following table, you can review the resources associated with each permitted API action −
| API Operation | Resource |
|---|---|
| BatchGetItem | arn:aws:dynamodb:region:account-id:table/table-name |
| BatchWriteItem | arn:aws:dynamodb:region:account-id:table/table-name |
| CreateTable | arn:aws:dynamodb:region:account-id:table/table-name |
| DeleteItem | arn:aws:dynamodb:region:account-id:table/table-name |
| DeleteTable | arn:aws:dynamodb:region:account-id:table/table-name |
| DescribeLimits | arn:aws:dynamodb:region:account-id:* |
| DescribeReservedCapacity | arn:aws:dynamodb:region:account-id:* |
| DescribeReservedCapacityOfferings | arn:aws:dynamodb:region:account-id:* |
| DescribeStream | arn:aws:dynamodb:region:account-id:table/table-name/stream/stream-label |
| DescribeTable | arn:aws:dynamodb:region:account-id:table/table-name |
| GetItem | arn:aws:dynamodb:region:account-id:table/table-name |
| GetRecords | arn:aws:dynamodb:region:account-id:table/table-name/stream/stream-label |
| GetShardIterator | arn:aws:dynamodb:region:account-id:table/table-name/stream/stream-label |
| ListStreams | arn:aws:dynamodb:region:account-id:table/table-name/stream/* |
| ListTables | * |
| PurchaseReservedCapacityOfferings | arn:aws:dynamodb:region:account-id:* |
| PutItem | arn:aws:dynamodb:region:account-id:table/table-name |
| Query | arn:aws:dynamodb:region:account-id:table/table-name or arn:aws:dynamodb:region:account-id:table/table-name/index/index-name |
| Scan | arn:aws:dynamodb:region:account-id:table/table-name or arn:aws:dynamodb:region:account-id:table/table-name/index/index-name |
| UpdateItem | arn:aws:dynamodb:region:account-id:table/table-name |
| UpdateTable | arn:aws:dynamodb:region:account-id:table/table-name |