aws/serverless-application-model

Add dynamodb:DescribeTable to DynamoDBCrudPolicy

sliedig opened this issue · 3 comments

Description:

Have a template for .NET Core 2.1 function with DynamoDBCrudPolicy.

    ResolveIncidentFunction:
        Type: AWS::Serverless::Function
        Properties:
            Description: DevelopingWithStepFunctions - Marks the  incident as resolved.
            CodeUri: ./artifacts/ResolveIncidentTask.zip
            Handler: ResolveIncidentTask::ResolveIncidentTask.Function::FunctionHandler
            Policies:
            - DynamoDBCrudPolicy:
                TableName: !Ref IncidentsTable

Function raises exception when trying to invoke PutItemAsync operation.

arn:function... is not authorized to perform: dynamodb:DescribeTable on resource: arn:table...

Adding action to new custom policy resolves the issue.

Can we please add the action to the DynamoDBCrudPolicy?
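The workaround described in the issue above, written out as a SAM template. This is an added example, not part of the original issue or the project's own code. The `IncidentsTable` definition and the `Runtime` value are assumptions, since the issue shows only the function's policy section. The extra statement is scoped to the single table ARN rather than `*`, so the function gains only the one missing action on the one table.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31

Resources:
  # Assumed table definition; the issue only shows "!Ref IncidentsTable".
  IncidentsTable:
    Type: AWS::Serverless::SimpleTable

  ResolveIncidentFunction:
    Type: AWS::Serverless::Function
    Properties:
      Runtime: dotnetcore2.1   # assumed from ".NET Core 2.1" in the issue
      CodeUri: ./artifacts/ResolveIncidentTask.zip
      Handler: ResolveIncidentTask::ResolveIncidentTask.Function::FunctionHandler
      Policies:
        # Policy template from the issue, unchanged.
        - DynamoDBCrudPolicy:
            TableName: !Ref IncidentsTable
        # Inline policy statement granting only the action named in the
        # "not authorized" error, on this table only.
        - Version: '2012-10-17'
          Statement:
            - Effect: Allow
              Action:
                - dynamodb:DescribeTable
              Resource: !Sub arn:${AWS::Partition}:dynamodb:${AWS::Region}:${AWS::AccountId}:table/${IncidentsTable}
```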

Could you submit a PR?

Any idea when this will be merged into the master branch? I faced the same issue, and for now, I have to manually add the policy from IAM to get it working after my app is deployed from the serverless app repository.
Thanks in advance.

@turjachaudhuri @sliedig This feature has now been released and is available for use.