The AWS Construct Library for the AWS CDK provides widely-implemented idioms to manage access to your cloud resources. The IAM module offers tools to provide various IAM principals with authenticated access to AWS resources. Certain resource constructs within the Construct Library have built-in methods to grant commonly used permissions to other resources, i.e. read and write access.
In this lab, you will work with the IAM module to create an IAM Role with DynamoDB permissions. You will also work with the DynamoDB construct method to grant access to a Lambda function you create.
Learning Objectives
Upon completion of this intermediate-level lab, you will be able to:
- Deploy an IAM Role and Policy using the AWS CDK
- Explore built-in AWS CDK Construct methods to grant resource access
Intended Audience
- Cloud Architects
- DevOps Engineers
- Software Engineers
Prerequisites
Familiarity with the following will be beneficial but is not required:
- AWS Cloud Development Kit (CDK)
- AWS Identity and Access Management (IAM)
- Amazon DynamoDB
- AWS Lambda
The following content can be used to fulfill the prerequisite:
- Introduction to IAM
- Introduction to DynamoDB
- Defining Cloud Infrastructure with the AWS CDK v2 in Python
- Managing Assets with the AWS CDK v2
Updates
April 17th, 2024 - Resolved IAM permission issue
August 16th, 2023 - Remove Node deprecation warning and updated CDK CLI version
March 13th, 2023 - Enabled autosave in the lab's browser IDE
Jun is a Cloud Labs Developer with previous experience as a Software Engineer and Cloud Developer. He holds the AWS Certified Solutions Architect and DevOps Engineer Professional certifications. He also holds the AWS Certified Solutions Architect, Developer, and SysOps Administrator Associate certifications.
Jun is focused on giving back to the growing cloud community by sharing his knowledge and experience with students and creating engaging content.