Policy: AWS > DynamoDB > Permissions > Lockdown > API Boundary

Configure whether the AWS dynamodb API is enabled for all users and roles in turbot-managed boundary policies.

Note that disabling the service disables the API for ALL users and roles, and Guardrails will have no access to the API.

Resource Types

This policy targets the following resource types:

AWS > Account

Primary Policy

This policy is used with the following primary policy:

AWS > DynamoDB > Permissions > Lockdown

Policy Specification

Schema Type	`string`
Default	`Enabled if AWS > DynamoDB > API Enabled`
Valid Values [YAML]	`Enabled if AWS > DynamoDB > API Enabled`
Examples [YAML]	`Enabled if AWS > DynamoDB > API Enabled`

In Your Workspace

Policy Settings by Type report

Developers

Category URI

tmod:@turbot/turbot#/control/categories/iamPermissions

Policy Type URI

tmod:@turbot/aws-dynamodb#/policy/types/dynamodbPermissionsLockdownApiBoundary

GraphQL

query policyType(id: "tmod:@turbot/aws-dynamodb#/policy/types/dynamodbPermissionsLockdownApiBoundary") { … }

query policySettings(filter: "policyTypeId:'tmod:@turbot/aws-dynamodb#/policy/types/dynamodbPermissionsLockdownApiBoundary'") { … }

query policyValues(filter: "policyTypeId:'tmod:@turbot/aws-dynamodb#/policy/types/dynamodbPermissionsLockdownApiBoundary'") { … }

CLI

Get Policy Type

turbot graphql policy-type --id "tmod:@turbot/aws-dynamodb#/policy/types/dynamodbPermissionsLockdownApiBoundary"

Get Policy Settings

turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/aws-dynamodb#/policy/types/dynamodbPermissionsLockdownApiBoundary"