search

awsdocs / iam-user-guide

Official documentation source for the AWS Identity and Access Management (IAM) User Guide
MIT No Attribution
324 stars 355 forks source link

Fix multi-value context key DynamoDB example #292

Closed marcogrcr closed 1 year ago

marcogrcr commented 1 year ago

Issue #, if available:

N/A

Description of changes:

The DynamoDB multi-value context key examples omit the fact that GetItem, PutItem, UpdateItem (and likely other operations) always include the primary key attributes in the dynamodb:Attributes context key. Therefore:

  1. The ForAllValues example provides a false sense of security since it does not protect for the case when the user implicitly requests all attributes by not specifying a ProjectionExpression.
  2. The ForAnyValue example provides a condition that will never evalute to false since it includes the partition key in the value list.

This commit fixes the previously mentioned problems in the examples. Additionally, the ForAnyValue example is updated to use the UpdateItem operation instead of PutItem since it has more semantic meaning.

Other minor changes like the order of appearance of Warning and Important messages and the reference to the DynamoDB documentation are updated to more logical places.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

ljquin commented 1 year ago

Thank you for taking the time to submit this pull request. This topic will be reviewed for accuracy and updated accordingly.

Once I have more information I'll provide an update here.

joshbean commented 1 year ago

Closing this issue or pull request in advance of archiving this repo. For more information about the decision to archive this repo (and others in the 'awsdocs' org), see the announcement on the AWS News Blog.