AccessDeniedException: User is not authorized to perform dynamodb BatchWriteItem on resource: table

Question

I am using nodejs, serverless and aws dynamodb. I am trying to create a lambda where I am calling an API, getting the data (1000 records) and now, I want to insert this data into my dynamodb.

I am using batchWrite for this and using it by creating buckets of 25 json objects each. But I am getting an error:
AccessDeniedException: <Username> is not authorized to perform dynamodb BatchWriteItem on resource <table-name>

When I do the same without batchWrite and individual PUT operations, it works fine (but I need to use batch because that gives throughput exceeded error).

I have given all administrative rights in AWS to the user which I am using with serverless.

Answer 1

in your serverless.yml file, you should add a new role

    - Effect: Allow
  Action:
    - dynamodb:DescribeTable
    - dynamodb:Query
    - dynamodb:Scan
    - dynamodb:GetItem
    - dynamodb:PutItem
    - dynamodb:UpdateItem
    - dynamodb:DeleteItem
    - dynamodb:BatchWriteItem
  Resource: "arn:aws:dynamodb:${self:custom.region}:*:table/*"

Answer 2

Here is how I set it when using Amplify CLI project:

{
    "Effect": "Allow",
    "Action": [
        "dynamodb:PutItem",
        "dynamodb:DeleteItem",
        "dynamodb:GetItem",
        "dynamodb:Query",
        "dynamodb:Scan",
        "dynamodb:UpdateItem",
        "dynamodb:BatchWriteItem",
        "dynamodb:Scan"
    ],
    "Resource": "arn:aws:dynamodb:*:*:table/*"
},
{
    "Effect": "Allow",
    "Action": "dynamodb:Query",
    "Resource": "arn:aws:dynamodb:*:*:table/*/index/*"
}