gpt4 book ai didi

amazon-dynamodb - AWS AppSync IAM DynamoDb 角色

转载 作者:行者123 更新时间:2023-12-03 23:36:09 25 4
gpt4 key购买 nike

我正在尝试创建一个简单的 IAM 角色,以使我的 AppSync 服务连接到我的 DynamoDb 数据库,但由于 AppSync 处于预览状态,IAM 无法将 AppSync 识别为服务。如何创建 IAM 角色以让 AppSync 拥有对 DynamoDb 的完全访问权限?

最佳答案

信任关系方面看起来像这样

可信关系文档示例

{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "appsync.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}

政策文档基本上和往常一样

示例策略文档
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"dynamodb:PutItem",
"dynamodb:UpdateItem",
"dynamodb:DeleteItem",
"dynamodb:GetItem",
"dynamodb:Query",
"dynamodb:Scan"
],
"Resource": "*",
"Effect": "Allow"
}
]
}

如果您使用的是 CloudFormation 模板,它可能如下所示

CloudFormation 模板示例
  AppSyncRole:
Type: "AWS::IAM::Role"
Properties:
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
-
Effect: "Allow"
Principal:
Service:
- "appsync.amazonaws.com"
Action:
- "sts:AssumeRole"
Policies:
-
PolicyName: "appsync-policy"
PolicyDocument:
Version: "2012-10-17"
Statement:
-
Effect: "Allow"
Action:
- "dynamodb:PutItem"
- "dynamodb:UpdateItem"
- "dynamodb:DeleteItem"
- "dynamodb:GetItem"
- "dynamodb:Query"
- "dynamodb:Scan"
Resource: "*"

关于amazon-dynamodb - AWS AppSync IAM DynamoDb 角色,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/49226146/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com