Creating the access policy and applying it to the AWS Cognito role
In the previous recipe, we created a role for the AWS Cognito identity pool. Now, it's time to create a policy and apply the role with the proper permissions for the Android app to access the required tables.
Getting ready
To get started with this recipe, you need to know how to use the AWS console.
How to do it…
Let's create a policy and apply the role:
- Log in to the AWS web console and navigate to AWS IAM at https://console.aws.amazon.com/iam/.
- Click on Policies and start creating a new policy. From the options, you can select Create your own policy and provide a policy document, as shown in the following code. Update only the AWS account number with your actual account number:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "dynamodb:DeleteItem", ...