So, I am currently making a DynamoDB table with multiple indexes and trying to manage access control.
I have a key (organizationId) that I do not want to use as my secondary indexes partition or sort key, because it would be pretty much pointless query-wise.
DynamoDB table
- Table name: Executions
- Partition key: OrganizationId (String)
DynamoDB Secondary Index
- Primary partition key: processId (String)
- Primary sort key: status (Number)
Would the following IAM Policy condition effectively limit access on the secondary index based on the organizationId ?
"Condition": {
"ForAllValues:StringEquals": {
"dynamodb:LeadingKeys": [
"anOrganizationId / Variable"
]
}
}