Amazon DynamoDB now supports resource-based policies
Share
Services
Amazon DynamoDB now supports resource-based policies to help you simplify access control for your DynamoDB resources. With resource-based policies, you can specify the Identity and Access Management (IAM) principals that have access to a resource and what actions they can perform on it. You can attach a resource-based policy to a DynamoDB table or a stream. The resource-based policy that you attach to a table can include access permissions to its indexes. The resource-based policy that you attach to a stream can include access permissions to the stream. With resource-based policies, you can also simplify cross-account access control for sharing resources with IAM principals of different AWS accounts.
Resource-based policies support integrations with [IAM Access Analyzer](https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html#what-is-access-analyzer-resource-identification) and [Block Public Access (BPA)](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-bpa-rbp.html) capabilities. IAM Access Analyzer reports cross-account access to external entities specified in resource-based policies, and the findings provide visibility to help you refine permissions and conform to least privilege. BPA helps you prevent public access to your DynamoDB tables, indexes, and streams, and is automatically enabled in the resource-based policies creation and modification workflows.
Resource-based policies for DynamoDB is available in all [AWS Commercial Regions](https://aws.amazon.com/about-aws/global-infrastructure/regional-product-services/). There is no additional cost to use the feature. You can get started with resource-based policies by using the AWS Management Console, AWS API, AWS CLI, AWS SDK, or AWS CloudFormation. Learn more at [Using resource-based policies with DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html).
What else is happening at Amazon Web Services?
Amazon AppStream 2.0 users can now save their user preferences between streaming sessions
December 13th, 2024
Services
Share
AWS Elemental MediaConnect Gateway now supports source-specific multicast
December 13th, 2024
Services
Share
Amazon EC2 instances support bandwidth configurations for VPC and EBS
December 13th, 2024
Services
Share
AWS announces new AWS Direct Connect location in Osaka, Japan
December 13th, 2024
Services
Share
Amazon DynamoDB announces support for FIPS 140-3 interface VPC and Streams endpoints
December 13th, 2024
Services
Share