amazon-dynamodbamazon-iamaws-cdkidentity-managementaws-cdk-typescript

How to grant IAM User access to a DynamoDB CfnGlobalTable in CDK?


Previously, the dynamodb Table class had a method called "grantFullAccess(IamUser)". I'm trying to create a CfnGlobalTable now instead, but I don't seem to see any way to grant full access to an iam user? Does anyone know how I can accomplish this? Documentation seems to be poor in this area.


Solution

  • CfnGlobalTable is a low level resource and doesn't contain utility methods such as grantReadWrite etc... In order to do that, you will have to define your own IAM policies/roles and grant them to resources.