User is not authorized to perform: dynamodb:PutItem on resource
Question
I am trying to access DynamoDB from my Node app deployed on AWS ElasticBeanStalk. I am getting an error
User is not authorized to perform: dynamodb:PutItem on resource
It works perfectly fine locally, but when I deploy to the AWS it stops performing.
5 answers
solution1
40 2017-01-11 00:25:55
I am trying to access DynamoDB from my Node app deployed on AWS ElasticBeanStalk. I am getting an error
User is not authorized to perform: dynamodb:PutItem on resource
It works perfectly fine locally, but when I deploy to the AWS it stops performing.
solution2
1 2016-01-14 15:27:33
I am trying to access DynamoDB from my Node app deployed on AWS ElasticBeanStalk. I am getting an error
User is not authorized to perform: dynamodb:PutItem on resource
It works perfectly fine locally, but when I deploy to the AWS it stops performing.
solution3
0 2020-11-03 15:55:22
I am trying to access DynamoDB from my Node app deployed on AWS ElasticBeanStalk. I am getting an error
User is not authorized to perform: dynamodb:PutItem on resource
It works perfectly fine locally, but when I deploy to the AWS it stops performing.
solution4
0 2021-12-16 14:04:08
Granting full dynamodb access using aws managed policy AmazonDynamoDBFullAccess is not recommended and is not a best practice. Try adding your table arn in the resource key in the policy in your role policy json.
"Resource": "arn:aws:dynamodb:<region>:<account_id>:table:/dynamodb_table_name"
solution5
0 2022-11-15 23:41:16
Sign in to IAM > Roles, select the service name. Make sure the DynamoDB Resource is correct.
solution6
-1 2019-01-04 14:49:09
Answer already is given but this is the best practice to use policy for your AWS user or role.
To Get object only from particular Table
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"dynamodb:DescribeTable",
"dynamodb:GetItem"
],
"Resource": "arn:aws:dynamodb:us-west-2:<account_number>:table/dev-panels"
}
]
}
To Verify
aws dynamodb describe-table --table-name dev-panels
To put Object
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"dynamodb:DescribeTable",
"dynamodb:PutItem"
],
"Resource": "arn:aws:dynamodb:us-west-2:<account_number>:table/dev-panels"
}
]
}
To Allow All action on one table.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllAPIActionsOnBooks",
"Effect": "Allow",
"Action": "dynamodb:*",
"Resource": "arn:aws:dynamodb:us-west-2:123456789012:table/<youtable_name>"
}
]
}
To verify role or user
aws dynamodb put-item --table-name dev-panels --item file://user.json --return-consumed-capacity TOTAL
user.json
{
"Name": {"S": "adiii"},
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.