1

I a newbie to AWS. My requirement is to add field-level, document-level, and collection-level permissions for reads and writes for AWS DocumentDB. One collection should accessible only from one microservice and the document should be modified only by the owner of the document(i,e user document can be modified only by that user)

I have done enough research and found, adding a restriction for accessing a DB can be done using Role-Based-Access-Control if we want to allow only for one tenant, but didn't get a clear idea of my problem statement i.e managing collection-level, document-level, and field-level permissions

Is there any other way to achieve this..?

Any help will be appreciated

rajashekar
  • 609
  • 5
  • 19
  • 2
    Amazon DocumentDB does not support field-level, document-level and collection-level permissions. – meet-bhagdev May 18 '21 at 22:25
  • If it is the case, then one user can modify another's data which should not happen. Is there any other way to achieve this..? – rajashekar May 19 '21 at 00:51
  • You can use role-based access control to limit access to particular databases for instance. See this link to learn more - https://docs.aws.amazon.com/documentdb/latest/developerguide/role_based_access_control.html – meet-bhagdev May 19 '21 at 21:13
  • @meet-bhagdev I already mentioned in the question that limiting accessing to DB can be handled by role-based access but, I want to add permissions to collection and document and fields. Let's say in users collection there will different users, so another user should not be able to modify another user document (document-level permissions comes here). Using role-based-access control we can add limit access to particular databases but not for collections and documents – rajashekar May 20 '21 at 02:54
  • understood. limiting permissions for collections and documents is not supported for Amazon DocumentDB at the current moment. – meet-bhagdev May 20 '21 at 23:09

0 Answers0