Database Reference
In-Depth Information
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"dynamodb:GetItem",
"dynamodb:Query",
"dynamodb:BatchGetItem",
"dynamodb:Scan",
"dynamodb:UpdateItem"
],
"Resource":
["arn:aws:dynamodb:us-west-2:235338895076:table/Employee"],
"Condition": {
"ForAllValues:StringEquals": {
"dynamodb:Attributes":
["user_id","name","email", "address"]]
},
"StringEqualsIfExists": {
"dynamodb:Select":
"SPECIFIC_ATTRIBUTES",
"dynamodb:ReturnValues": [
"NONE",
"UPDATED_OLD",
"UPDATED_NEW"
]
}
}
}
]
}
This policy restricts users from accessing information only associated with their user ID.
Also, it allows users to access only the
user_id
,
name
,
email
and
address
attrib-
utes to be retrieved and updated. It does not allow them to add a new item or delete an ex-
isting one.
