AWS Certified DevOps Engineer - Professional Certification and Beyond

As with other services in AWS, DynamoDB allows fine-grained access control via the IAM service. You can either allow or disallow users at the service, table, or attribute level, depending on how you have structured your IAM policies.
AWS recommends, as a best practice, that you use the principle of least privilege and only allow users to access the data in the tables that they require, rather than granting blanket access.
DynamoDB is an especially popular backend database for mobile and game developers. This can result in thousands of users needing to access even a single table. In this scenario, it is impractical to try to create an IAM user for each and every user:
Figure 5.6 – Web Identity Federation to a DynamoDB table
The best way to understand how users who are authenticating via a web identity provider, such as Facebook or Google, gain access to data in a DynamoDB table...
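As an added illustration (not taken from the book), the following IAM policy shows the table-, item- and attribute-level restrictions described above for a role assumed by users federated through Facebook. The table name `ExampleGameScores`, the attribute names, the Region and the account ID `123456789012` are placeholders; the `dynamodb:LeadingKeys`, `dynamodb:Attributes` and `dynamodb:Select` condition keys and the `${graph.facebook.com:id}` policy variable are standard IAM features.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ExampleOwnItemsListedAttributesOnly",
      "Effect": "Allow",
      "Action": [
        "dynamodb:GetItem",
        "dynamodb:BatchGetItem",
        "dynamodb:Query"
      ],
      "Resource": "arn:aws:dynamodb:us-east-1:123456789012:table/ExampleGameScores",
      "Condition": {
        "ForAllValues:StringEquals": {
          "dynamodb:LeadingKeys": ["${graph.facebook.com:id}"],
          "dynamodb:Attributes": ["UserId", "GameTitle", "TopScore"]
        },
        "StringEqualsIfExists": {
          "dynamodb:Select": "SPECIFIC_ATTRIBUTES"
        }
      }
    }
  ]
}
```

`dynamodb:LeadingKeys` limits each federated user to items whose partition key equals their own provider ID, and `dynamodb:Attributes` together with `dynamodb:Select` limits which attributes a request may return. `dynamodb:Scan` is deliberately not granted, because a scan reads across partition keys and would defeat the per-user restriction.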