我正在尝试使用Cognito用户ID插入我的DynamoDB表,我总是得到" AccessDeniedException "。我按照文档编写并为其创建了表和策略,如下所示。这里缺少什么。请查看完整的堆栈信息和请求ID。
表的UserId为Hashkey,id为rangekey
策略:的
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"dynamodb:BatchGetItem",
"dynamodb:BatchWriteItem",
"dynamodb:DeleteItem",
"dynamodb:GetItem",
"dynamodb:PutItem",
"dynamodb:Query",
"dynamodb:UpdateItem"
],
"Resource": [
"arn:aws:dynamodb:us-east-1:1828211111:table/Table"
],
"Condition": {
"ForAllValues:StringEquals": {
"dynamodb:LeadingKeys": [
"${cognito-identity.amazonaws.com:sub}"
]
}
}
}
]
}
保存数据的代码:
AWS.DynamoDBhelper.Credentials.AddLogin(Helpers.Constants.KEY_LAST_USED_PROVIDER,Helpers.Settings.LoginAccessToken );
var identityId = await AWS.DynamoDBhelper.Credentials.GetIdentityIdAsync();
var client = new Amazon.DynamoDBv2.AmazonDynamoDBClient(AWS.DynamoDBhelper.Credentials, Amazon.RegionEndpoint.USEast1);
Amazon.DynamoDBv2.DataModel.DynamoDBContext context = new Amazon.DynamoDBv2.DataModel.DynamoDBContext(client);
AWS.Table table= new AWS.Table();
table.UserId = identityId;
table.id = "1";
await context.SaveAsync(table);
ex = {Amazon.DynamoDBv2.AmazonDynamoDBException:assume-role / _auth_MOBILEHUB / CognitoIdentityCredentials无权执行:dynamodb:资源上的DescribeTable:arn:aws:dynamodb:us-east-1
型号:
[DynamoDBTable("Table")]
public class Table
{
[DynamoDBHashKey]
public string UserId { get; set; }
[DynamoDBRangeKey]
public string id { get; set; }
}