spring-data-dynamodb Not authorized to perform: dynamodb:PutItem on resource in EKS

Not authorized to perform: dynamodb:PutItem on resource in EKS

Open nanandmca opened this issue 2 years ago • 1 comments

Expected Behavior

Actual Behavior

User: arn:aws:sts:::assumed-role//aws-sdk-java-1649071401744 is not authorized to perform: dynamodb:PutItem on resource: arn:aws:dynamodb:ap-southeast-1::table/ (Service: AmazonDynamoDBv2; Status Code: 400; Error Code: AccessDeniedException; Request ID: A400G97E6PDN6AOU3OEOH1O5AEMVJF66Q9ASUAAJG
Steps to Reproduce the Problem

Deploy in EKS

Use AWS role / arn

Specifications

Spring Data DynamoDB Version: 5.2.5

Spring Data Version: 2.5.10

AWS SDK Version: 1.11.914

Java Version: 14

Platform Details: EKS

All those information are logged by org.socialsignin.spring.data.dynamodb.repository.support.DynamoDBRepositoryFactory on INFO level on startup. Or use java -version and mvn dependency:tree | grep -E 'spring|aws' to provide those version numbers.

Apr 05 '22 09:04 nanandmca

Same code is working fine when change to "com.github.derjust:spring-data-dynamodb" with older spring boot version...

even older spring boot version getting error for "io.github.boostchicken:spring-data-dynamodb"

I suspect may be table prefix have issue.. Can any one confirm how to handle table prefix in "io.github.boostchicken:spring-data-dynamodb"

public static class TableNameResolver extends DynamoDBMapperConfig.DefaultTableNameResolver

Apr 06 '22 02:04 nanandmca

spring-data-dynamodb spring-data-dynamodb copied to clipboard

Not authorized to perform: dynamodb:PutItem on resource in EKS

Expected Behavior

Actual Behavior

Steps to Reproduce the Problem

Specifications

spring-data-dynamodb
spring-data-dynamodb copied to clipboard