Amazon DynamoDB V2 Connector uses the standard Amazon AWS SDK authentication mechanisms.
If you do not provide the access key and the secret key in the connection, Amazon DynamoDB V2 Connector uses AWS credentials provider chain that looks for credentials in the following order:
1The AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY or AWS_ACCESS_KEY and AWS_SECRET_KEY environment variables.
2The aws.accessKeyId and aws.secretKey java system properties.
3The credential profiles file at the default location, ~/.aws/credentials.
4The instance profile credentials, such as the master instance profile and the worker instance profile in the advanced cluster, delivered through the Amazon EC2 metadata service.
For more information, see the AWS documentation.
IAM authentication
Use IAM authentication for a secure and controlled access to Amazon DynamoDB tables when you run a task.
You can configure IAM authentication when the Secure Agent runs on an Amazon Elastic Compute Cloud (EC2) system.
1Create a policy with read and write access to Amazon DynamoDB tables.
2Create the Amazon EC2 role.
The Amazon EC2 role is used when you create an EC2 system. For more information about creating the Amazon EC2 role, see the AWS documentation.
3Link the policy with the Amazon EC2 role.
4Create an EC2 instance and then assign the Amazon EC2 role that you created in step 2 to the EC2 instance.