Closed hallaji closed 1 year ago
Hi. Sorry that this information seems not to have made it into the docs - we're working now on adding it to relevant pages. In the meantime, here are the answers:
GetItem
, Query
PutItem
, UpdateItem
, DeleteItem
, BatchWriteItem
, ConditionCheckItem
If you're not concerned with being very granular in your permissions, then you could use a wildcard of *Item
and then add Query
as well. The reason I broke it down this way into reading vs. writing is that depending on how you've deployed your various components and how you're using roles in AWS, you might or might not want to make a distinction between processes that can both read and write, and processes that can only read. For instance, if you're using the Relay Proxy to populate the database (which I'm guessing you are, because that's necessary for using Big Segments), and you've configured the Node SDK with useLdd: true
so that it will get all its data from that database, and if they are running on different hosts that have different roles, then you could use read-only access for the role that's being used by the Node app; the Node SDK wouldn't be doing any writing in that scenario.
Looks like this was resolved.
Hi LaunchDarkly team,
Our team is so keen to know which DynamoDB permissions are required in our infrastructure in order to benefit from
feature store
andbig segments
in Node SDK. Would you be able to elaborate on this or steer me to the right documents or more info, please?