I'm using Python on cloud9 and I don't want to grant permissions through console. Does boto3 provide any method to grant permissions like the grant_read_write_data() offered by aws_cdk.aws_dynamodb. The code works fine when I run it through CLI but when I run it through a pipeline it gives an error at the BUILD stage. I'm calling the functions in my stack. Please help, I'm new to AWS and I find it very difficult to read the documentation especially the policies.

import boto3
from resources import s3bucket
import time

def create_sprint3_table():
    client_ = boto3.resource('dynamodb')
    try:
        table = client_.create_table(
            TableName='NEWTABLE',
            KeySchema=[
                {
                    'AttributeName': 'URL_ADDRESS',
                    'KeyType': 'HASH'  # Partition key
                }
            ],
            AttributeDefinitions=[
                {
                    'AttributeName': 'URL_ADDRESS',
                    'AttributeType': 'S'
                }
    
            ],
            ProvisionedThroughput={
                'ReadCapacityUnits': 10,
                'WriteCapacityUnits': 10
            }
        )
        time.sleep(5)
        #table.grant_read_write_data()
    except:
        pass


def putting_sprint3_data():
    URLs = s3bucket.read_file("newbucket", "urlsList.json")
    client_ = boto3.client('dynamodb')
    for U in URLs:
        item = {
            'URL_ADDRESS': {'S': U}
                }
        print(item)
        client_.put_item(TableName="NEWTABLE", Item=item)

Thank You. I hope I was clear.

CodePudding user response：

Your pipeline role does not have permissions to execute PutItem. You have to update that role to add such permissions.