Error: KMS Key Access Denied Error DynamoDB

Rafal Wilinski

Answered by Rafal Wilinski

What's Causing This Error

As the error itself represents, this error occurs when you do not own permission to perform the attempted task. For instance, when using an AWS KMS key, several policies determine the security of the database table. So, this kind of error can occur if the necessary permission is not granted to the IAM user trying to access the table.

Solution: Here's How To Resolve It

In such instances, ensure that the IAM user attempting to access the table has the necessary permission to complete the task. For example, a minimum of the following permissions should be there.

  • Having kms:GenerateDataKey permission for generating and encrypting table key.
  • kms:ReEncrypt permission for re-encrypt data encryption keys from a newly generated table key if the customer-managed key is modified.
  • kms:CreateGrant permission and kms:DescribeKey permission.

Better DynamoDB experience.

First 7 days are on us. No strings attached.

Product Features

Member Portal
© 2024 Dynobase
Still using AWS DynamoDB Console?
Try Dynobase to accelerate your DynamoDB workflow. Start your 7-day free trial today.