# DynamoDB

## Requirements

| Name           | Description                                                                         |
| -------------- | ----------------------------------------------------------------------------------- |
| Teleskope Role | Attach DynamoDB read and/or write permissions to the Teleskope IAM role you created |

{% stepper %}
{% step %}

### Grant Teleskope Read Access to DynamoDB

Teleskope needs read access to scan and classify your data stored in DynamoDB.

Attach the AmazonDynamoDBReadOnlyAccess to the Teleskope role you created.

#### Terraform

```
resource "aws_iam_role_policy_attachment" "dynamodb_policy" {
  role       = "TeleskopeRole"
  policy_arn = "arn:aws:iam::aws:policy/AmazonDynamoDBReadOnlyAccess"
}
```

{% endstep %}

{% step %}

### Grant Teleskope Read & Write Access to DynamoDB (optional)

Teleskope needs write access take enforce remediation policies such as tagging, redaction, deletion, etc.

Attach the AmazonDynamoDBReadOnlyAccess to the Teleskope role you created.

#### Terraform

```
resource "aws_iam_role_policy_attachment" "dynamodb_policy" {
  role       = "TeleskopeRole"
  policy_arn = "arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess"
}
```

{% endstep %}
{% endstepper %}