独家优惠奖金 100% 高达 1 BTC + 180 免费旋转

Creating a DynamoDB Table and granting an EC2 Instance Privileges to it

I will be going over how I created a table in DynamoDB and added items to said table. After that creating a EC2 instance and granting it privileges to only read the DynamoDB table.

1|TABLE

First I made my way to DynamoDB on the AWS site. On the left side menu I selected “Tables” from there I selected “Create Table”

Next I filled in the parts needed for my specific table and crated the table.

Next I selected my newly created table and started the process of adding the items to it, clicking the “Explore table items”.

Then from this page selecting “Create item”…

and inputting the items through this page. My table was “Piano Composers” and my attributes for the table were the composers name and the musical era they participated in.

After all my items were created and added to the table I made my way over to EC2.

2|Instance

Once in EC2 I created a t.2 micro instance. I selected “Launch instances” and made these selections shown in the screenshots to create the instance I wanted…

With my instance created…

I made my way to IAM to start on making a role with privileges.

3|Privilege

Once in the IAM console I selected “Roles” on the left side menu and then selected “Create role”

Since this role is being created for the EC2 instance this are the options I used…

Next for adding permissions I simply searched Dynamo and selected the Read only option permission for this role.

After this role has been created we want to go back to EC2 and our new instance to give it the privileges to Read our DynamoDB table.

Once I selected the instance I went to the “Actions” options as shown in the picture above to navigate to the role options for the instance.

Next I added my newly created role with read only privilege for DynamoDB to the instance.

4|Check

Now I needed to check everything was well and working through using the AWS CLI.

To reach this I went to my instance in EC2 and selected the “Connect” button.

Then to enter the CLI simply pressed “Connect” and was greeted by the next screen shown…

Now that I was connected I proceeded to run a scan command on the new table we created with the following command.

Where I put “PianoComposers” is where the Table name would go and where I put “us-east-1” is where the region you used will go.

This screen followed the input of the command…

As you can see it successfully read our full table contents. Next we will test to see if we can add and item to the table which shouldn’t be possible if the role with privileges were done correctly.

Using this next command I attempted to add another item to the table via the CLI…

With this command I’m essentially trying to add a new item in this case another composer whose name is Franz Schubert and era was the romantic era.

If you did this correctly the command won’t be found and you will be unable to add an item to the table which shows that the instance successfully has read only privileges and is unable to write.

This is a good example of the principle of least privilege, which is giving a subject the bare minimum privileges to complete the job need. So in this case I wanted the EC2 instance to be able to “read only” and have no other privileges.

Add a comment

What is your view?

Send

Related posts:

Challenges the Construction Industry is Facing in 2022

As one of the largest sectors in the US economy, the construction industry employs over seven million people across 733,000 businesses. Close to $1.4 trillion worth of structures are built in the…

Oakland murals

Recommended murals. “Oakland murals” is published by Liz in Infraculture.

Apathy among College Students

There are so many problems and causes to fight for in our world today, that often it is too daunting to be aware of them all. It may seem as if college students and younger people today are ignoring…