hands-on lab

Managing Access and Permissions with the AWS CDK

Intermediate
Up to 1h
80
5/5
Get guided in a real environmentPractice with a step-by-step scenario in a real, provisioned environment.
Learn and validateUse validations to check your solutions every step of the way.
See resultsTrack your knowledge and monitor your progress.

Description

The AWS Construct Library for the AWS CDK provides widely-implemented idioms to manage access to your cloud resources. The IAM module offers tools to provide various IAM principals with authenticated access to AWS resources. Certain resource constructs within the Construct Library have built-in methods to grant commonly used permissions to other resources, i.e. read and write access.

In this lab, you will work with the IAM module to create an IAM Role with DynamoDB permissions. You will also work with the DynamoDB construct method to grant access to a Lambda function you create.

Learning Objectives

Upon completion of this intermediate-level lab, you will be able to:

  • Deploy an IAM Role and Policy using the AWS CDK
  • Explore built-in AWS CDK Construct methods to grant resource access

Intended Audience

  • Cloud Architects
  • DevOps Engineers
  • Software Engineers

Prerequisites

Familiarity with the following will be beneficial but is not required:

  • AWS Cloud Development Kit (CDK)
  • AWS Identity and Access Management (IAM)
  • Amazon DynamoDB
  • AWS Lambda

The following content can be used to fulfill the prerequisite:

Updates

April 17th, 2024 - Resolved IAM permission issue

August 16th, 2023 - Remove Node deprecation warning and updated CDK CLI version

March 13th, 2023 - Enabled autosave in the lab's browser IDE

Environment before

Environment after

About the author

Avatar
Jun Fritz, opens in a new tab
Cloud Labs Developer
Students
41,063
Labs
112
Courses
1
Learning paths
6

Jun is a Cloud Labs Developer with previous experience as a Software Engineer and Cloud Developer. He holds the AWS Certified Solutions Architect and DevOps Engineer Professional certifications. He also holds the AWS Certified Solutions Architect, Developer, and SysOps Administrator Associate certifications. 

Jun is focused on giving back to the growing cloud community by sharing his knowledge and experience with students and creating engaging content. 

Covered topics

Lab steps

Setting up the AWS CDK Project
Creating IAM Resources with the AWS CDK
Granting Resource Access with CDK Construct Methods