I'm using Python on cloud9 and I don't want to grant permissions through console. Does boto3 provide any method to grant permissions like the grant_read_write_data() offered by aws_cdk.aws_dynamodb. The code works fine when I run it through CLI but when I run it through a pipeline it gives an error at the BUILD stage. I'm calling the functions in my stack. Please help, I'm new to AWS and I find it very difficult to read the documentation especially the policies.
import boto3
from resources import s3bucket
import time
def create_sprint3_table():
client_ = boto3.resource('dynamodb')
try:
table = client_.create_table(
TableName='NEWTABLE',
KeySchema=[
{
'AttributeName': 'URL_ADDRESS',
'KeyType': 'HASH' # Partition key
}
],
AttributeDefinitions=[
{
'AttributeName': 'URL_ADDRESS',
'AttributeType': 'S'
}
],
ProvisionedThroughput={
'ReadCapacityUnits': 10,
'WriteCapacityUnits': 10
}
)
time.sleep(5)
#table.grant_read_write_data()
except:
pass
def putting_sprint3_data():
URLs = s3bucket.read_file("newbucket", "urlsList.json")
client_ = boto3.client('dynamodb')
for U in URLs:
item = {
'URL_ADDRESS': {'S': U}
}
print(item)
client_.put_item(TableName="NEWTABLE", Item=item)
Thank You. I hope I was clear.
CodePudding user response:
Your pipeline role does not have permissions to execute PutItem
. You have to update that role to add such permissions.