Database Reference
In-Depth Information
Sample fine-grained access control policies
Now let's try to list down the commonly used fine-grained access control policies that can
be used as a reference by you.
Restricting access to only specific hash value
This is a very popular use case where you want the user data in your table to be accessed
by only the respected users. The following is the policy statement for the same:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"dynamodb:GetItem",
"dynamodb:BatchGetItem",
"dynamodb:Query",
"dynamodb:PutItem",
"dynamodb:UpdateItem",
"dynamodb:DeleteItem",
"dynamodb:BatchWriteItem"
],
"Resource":
["arn:aws:dynamodb:us-west-2:235338895076:table/Employee"],
"Condition": {
"ForAllValues:StringEquals":
{"dynamodb:LeadingKeys": ["${www.amazon.com:user_id}"]}
}
}
]
Restricting access to only specific attributes of a table
This is a vertical access control policy that limits users from accessing certain attributes of
a table. For example, in the case of the Employee table, we would be restricting users
from accessing information such as performance rating and so on, using the following
code:
Search WWH ::




Custom Search