1. 19
    Debug permission issues and allow a lambda function to access data from a DynamoDB table
    2m 30s

Debug permission issues and allow a lambda function to access data from a DynamoDB table

InstructorTomasz Łakomy

Share this video with your friends

Send Tweet

At the end of the last lesson we've managed to create a Lambda function which we want to use to get data from DynamoDB table using the scan operation.

Unfortunately, after calling the lambda function we get a following response:

"message": "User: arn:aws:sts::696785635119:assumed-role/TodoAppStack-TodoDatabaseTodoHandlerServiceRole991-152UNT6KUIOG2/TodoAppStack-TodoDatabaseTodoHandlerDD6198FE-CPTO6AAJJU5W is not authorized to perform: dynamodb:Scan on resource: arn:aws:dynamodb:eu-central-1:696785635119:table/TodoAppStack-TodoDatabaseTodoTable29EA4913-E6Z09XSAAHF8",

In this quick lesson we're going to learn two things:

  • how to debug permission issues in AWS using CloudWatch
  • how to allow a lambda function to access data from a DynamoDB table with grantReadWriteData function (in a single line of code!)