In the previous recipe, we created a role for the AWS Cognito identity pool. Now, it's time to create a policy with the proper permissions and attach it to that role so that the Android app can access the required tables.
Let's create the policy and attach it to the role:
Log in to the AWS web console and navigate to AWS IAM at https://console.aws.amazon.com/iam/.
Click on Policies and start creating a new policy. From the options, you can select Create your own policy and provide a policy document, as shown in the following code. Update only the AWS account number with your actual account number:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "dynamodb:DeleteItem", "dynamodb:GetItem", "dynamodb:PutItem", "dynamodb:Scan...
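As an added example (not part of the original recipe), the following Python check audits a policy document of this kind before it is attached to the Cognito role: it flags wildcard or non-DynamoDB actions, resources that are not table ARNs, and table ARNs whose account number was not updated to your own. The account ID, region and table name in the sample policies are constructed placeholders.

```python
import re

# DynamoDB table ARN: arn:aws:dynamodb:<region>:<account-id>:table/<name>
TABLE_ARN = re.compile(r"^arn:aws:dynamodb:([^:]*):([^:]*):table/(.+)$")

def as_list(value):
    """IAM allows a single string or a list for Action and Resource."""
    return value if isinstance(value, list) else [value]

def audit_policy(policy, account_id):
    """Return findings for Allow statements broader than table-scoped
    DynamoDB access in the expected account."""
    findings = []
    for i, stmt in enumerate(as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        for action in as_list(stmt.get("Action", [])):
            if not action.lower().startswith("dynamodb:"):
                findings.append(f"stmt {i}: non-DynamoDB action {action}")
            elif "*" in action:
                findings.append(f"stmt {i}: wildcard action {action}")
        for res in as_list(stmt.get("Resource", [])):
            m = TABLE_ARN.match(res)
            if not m:
                findings.append(f"stmt {i}: not a table ARN: {res}")
                continue
            _region, acct, table = m.groups()
            if acct != account_id:
                findings.append(f"stmt {i}: account {acct} is not {account_id}")
            if "*" in table:
                findings.append(f"stmt {i}: wildcard table in {res}")
    return findings

# Constructed sample policies (account ID, region and table name are placeholders).
SCOPED = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow",
    "Action": ["dynamodb:DeleteItem", "dynamodb:GetItem", "dynamodb:PutItem"],
    "Resource": "arn:aws:dynamodb:us-east-1:123456789012:table/ExampleTable"}]}
BROAD = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow",
    "Action": "dynamodb:*",
    "Resource": ["*", "arn:aws:dynamodb:us-east-1:000000000000:table/*"]}]}

if __name__ == "__main__":
    for name, doc in (("SCOPED", SCOPED), ("BROAD", BROAD)):
        print(name, audit_policy(doc, "123456789012") or "no findings")
```

Because the identity pool role is assumed by every app user, any finding here widens what each client device can read or delete.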