AWS Step Functions
Developer Guide

Amazon DynamoDB

These example templates show how AWS Step Functions generates IAM policies based on the resources in your state machine definition. For more information see:

Static resources:

{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "dynamodb:GetItem", "dynamodb:PutItem", "dynamodb:UpdateItem", "dynamodb:DeleteItem" ], "Resource": [ "arn:aws:dynamodb:[[region]]:[[accountId]]:table/[[tableName]]" ] } ] }

Dynamic resources:

{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "dynamodb:GetItem", "dynamodb:PutItem", "dynamodb:UpdateItem", "dynamodb:DeleteItem" ], "Resource": "*" } ] }