Bird
0
0

Given this IAM policy condition:

medium📝 query result Q4 of 15
DynamoDB - Security and Access Control
Given this IAM policy condition:
{"Condition": {"ForAllValues:StringEquals": {"dynamodb:LeadingKeys": ["user123"]}}

What items can the user access in the DynamoDB table?
AAll items in the table
BOnly items where the partition key equals 'user123'
COnly items where the sort key equals 'user123'
DNo items, because the condition is invalid
Step-by-Step Solution
Solution:

  1. Step 1: Understand the dynamodb:LeadingKeys condition

    This condition restricts access to items with partition key values matching 'user123'.

  2. Step 2: Clarify partition vs sort key

    The condition applies to the partition key, not the sort key, so only items with partition key 'user123' are accessible.

  3. Final Answer:

    Only items where the partition key equals 'user123' -> Option B

  4. Quick Check:

    dynamodb:LeadingKeys limits partition key access [OK]
Quick Trick: LeadingKeys controls partition key item access [OK]
Common Mistakes:
MISTAKES
  • Confusing partition key with sort key
  • Assuming condition allows all items

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More DynamoDB Quizzes
Access Patterns and Query Optimization - Why access patterns drive design - Quiz 13medium Access Patterns and Query Optimization - Hot partition prevention - Quiz 3easy Backup and Recovery - Import from S3 - Quiz 7medium Cost Optimization and Monitoring - On-demand vs provisioned cost comparison - Quiz 8hard Cost Optimization and Monitoring - Reserved capacity - Quiz 3easy Cost Optimization and Monitoring - Cost estimation for access patterns - Quiz 14medium DynamoDB with AWS SDK - Expressions with SDK helpers - Quiz 3easy DynamoDB with AWS SDK - Expressions with SDK helpers - Quiz 6medium DynamoDB with Serverless - Lambda function with DynamoDB - Quiz 9hard Security and Access Control - IAM policy for DynamoDB - Quiz 12easy