Hi guys, there seems to be some kind of mismatch between local stack and real stack regarding permissions for Dynamodb. Somehow during the local development process the lambda handlers have access to the Dynamodb table without explicitly attached permissions, obviously the code doesn't work after deploying the stack to AWS. Is there any config to prevent this behavior? Thanks!

Do you think this is because the network request to Dynamo is coming from your local machine using

aws-sdk

which is using your local credentials?

could be, but how about SSM parameters, we always get an error if we don't assign permissions for SSM, even in the local stack

Raised a bug for this a little while ago, https://github.com/serverless-stack/serverless-stack/issues/363, fix went out in v0.26.0; are you using that version as a minimum

thanks! i am using an old version, i will update to 0.26 and try again

@Oleksii Let me know if 0.26.0 works for you. Locally invoked Lambda is designed to have the same set of permissions as the real Lambda. It doesn’t use ur local credentials.