我正在使用适用于iOS的AWS Mobile Hub。我在访问我的应用程序中的某个dynamodb表(RemoteFileInfos)时遇到问题。我得到的错误信息是:
2017-06-12 13:19:49.851462-0500 FormValet-R[3659:1789148] Error Domain=com.amazonaws.AWSServiceErrorDomain Code=6 "(null)" UserInfo={__type=com.amazon.coral.service#AccessDeniedException, Message=User: arn:aws:sts::999999999:assumed-role/[role name]/CognitoIdentityCredentials is not authorized to perform: dynamodb:UpdateItem on resource: [dynamodb table ARN]}
在我的应用中写入其他表(用户和RemoteShareInfos)时,我没有收到此错误。
这是" nosqldatabase"嵌入在上面提到的经过身份验证的角色([角色名称])中的策略:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"dynamodb:BatchWriteItem",
"dynamodb:DeleteItem",
"dynamodb:PutItem",
"dynamodb:UpdateItem",
"dynamodb:BatchGetItem",
"dynamodb:DescribeTable",
"dynamodb:GetItem",
"dynamodb:ListTables",
"dynamodb:Query",
"dynamodb:Scan"
],
"Resource": [
"arn:aws:dynamodb:us-east-1:999999999:table/Users",
"arn:aws:dynamodb:us-east-1:999999999:table/Users/*",
"arn:aws:dynamodb:us-east-1:999999999:table/RemoteFileInfos",
"arn:aws:dynamodb:us-east-1:999999999:table/RemotFileInfos/*",
"arn:aws:dynamodb:us-east-1:999999999:table/RemoteShareInfos",
"arn:aws:dynamodb:us-east-1:999999999:table/RemoteShareInfos/*"
]
}
]
}
我注意到我的角色ARN中的第三个令牌是" iam" (即" arn:aws:iam :: 99999999999 ...)而错误消息中的角色ARN具有第三个标记" sts" (即" arn:aws:sts :: 99999999999 ...)。这可能是问题吗?
由于
答案 0 :(得分:0)
程序员错误。错误消息中的表名与实际的表名不同。我拼错了AWSDynamoDBObjectModel子类中的表名。