Menu
I am following this tutorial and have setup the DynamoDB table and permissions as described, but the app crashes saying:
CognitoIdentityCredentials is not authorized to perform: dynamodb:UpdateItem on resource: arn:aws:dynamodb:us-east-1:some_number:table/Books" (The table which I am trying to access is on us-west-2).
Please find below the code and the error:
Code:
setContentView(R.layout.activity_main);
Runnable runnable = new Runnable() {
public void run() {
//DynamoDB calls go here
CognitoCachingCredentialsProvider credentialsProvider=new CognitoCachingCredentialsProvider(getApplicationContext(),"us-west-2:some_num", Regions.US_WEST_2);
AmazonDynamoDBClient ddbClient = new AmazonDynamoDBClient(credentialsProvider);
DynamoDBMapper mapper = new DynamoDBMapper(ddbClient);
Book book = new Book();
book.setTitle("Great Expectations");
book.setAuthor("Charles Dickens");
book.setPrice(1299);
book.setIsbn("12345678901");
book.setHardCover(false);
mapper.save(book);
Toast.makeText(MainActivity.this,String.valueOf(mapper), Toast.LENGTH_LONG).show();
}
};
Thread mythread = new Thread(runnable);
mythread.start();
Error:
E/AndroidRuntime: FATAL EXCEPTION: Thread-9530
Process: com.example.imb_bng_04.dynamodb, PID: 30264
com.amazonaws.AmazonServiceException: User: arn:aws:sts::some_number:assumed-role/Cognito_sampleapp2Unauth_Role/CognitoIdentityCredentials is not authorized to perform: dynamodb:UpdateItem on resource: arn:aws:dynamodb:us-east-1:some-number:table/Books (Service: AmazonDynamoDB;
Status Code: 400; Error Code: AccessDeniedException; Request ID: NMSNFJB24D6G3MO8RL6H624FA)
at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:712)
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:388)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:199)
at com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient.invoke(AmazonDynamoDBClient.java:4181)
at com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient.updateItem(AmazonDynamoDBClient.java:1582)
at com.amazonaws.mobileconnectors.dynamodbv2.dynamodbmapper.DynamoDBMapper$SaveObjectHandler.doUpdateItem(DynamoDBMapper.java:1173)
at com.amazonaws.mobileconnectors.dynamodbv2.dynamodbmapper.DynamoDBMapper$2.executeLowLevelRequest(DynamoDBMapper.java:873)
at com.amazonaws.mobileconnectors.dynamodbv2.dynamodbmapper.DynamoDBMapper$SaveObjectHandler.execute(DynamoDBMapper.java:1056)
at com.amazonaws.mobileconnectors.dynamodbv2.dynamodbmapper.DynamoDBMapper.save(DynamoDBMapper.java:904)
at com.amazonaws.mobileconnectors.dynamodbv2.dynamodbmapper.DynamoDBMapper.save(DynamoDBMapper.java:688)
at com.example.imb_bng_04.dynamodb.MainActivity$1$override.run(MainActivity.java:32)
at com.example.imb_bng_04.dynamodb.MainActivity$1$override.access$dispatch(MainActivity.java)
at com.example.imb_bng_04.dynamodb.MainActivity$1.run(MainActivity.java:0)
at java.lang.Thread.run(Thread.java:818)
01-27 18:10:16.004 1430-4135/? E/ActivityManager: Invalid thumbnail dimensions: 0x0
Any help with this would be greatly appreciated.
302
asked Oct 23 '25 15:10
You probably didn't create policy, on AWS, every action is forbidden unless someone defined otherwise.
Go to "IAM" (Change the URL to your region - https://console.aws.amazon.com/iam/home?region=us-east-1)
on the left menu click on "Policy" and then "Create policy" and select the "Create your own policy"
At the Policy name and description write what you want, and at the Policy document insert:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"dynamodb:*"
],
"Resource": [
"arn:aws:dynamodb:*:table/YOUR_TABLE_NAME"
]
}
]
}
Now go to users: https://console.aws.amazon.com/iam/home?region=us-east-1#/users/
Select the user you created the credentials for, click the "Permissions" tab and click "Add Permission" and then "Attach existing policies directly"
Select the policy you created and try again
112
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
