AWS Security ChangesHomeSearch

AWS amazondynamodb documentation change

Service: amazondynamodb · 2025-11-01 · Documentation low

File: amazondynamodb/latest/developerguide/specifying-conditions.md

Summary

Clarified dynamodb:Attributes condition key to specify top-level attributes accessed in requests.

Security assessment

Documentation clarification for IAM policy conditions. No direct security implications or new security features added.

Diff

diff --git a/amazondynamodb/latest/developerguide/specifying-conditions.md b/amazondynamodb/latest/developerguide/specifying-conditions.md
index c1a0c64f8..e793261f6 100644
--- a//amazondynamodb/latest/developerguide/specifying-conditions.md
+++ b//amazondynamodb/latest/developerguide/specifying-conditions.md
@@ -131,9 +131 @@ DynamoDB Condition Key | Description
-`dynamodb:Attributes` |  Represents a list of the attribute names in a request, or the attributes that are returned from a request. `Attributes` values are named the same way and have the same meaning as the parameters for certain DynamoDB API actions, as shown following:
-
-  * `AttributesToGet` Used by: `BatchGetItem, GetItem, Query, Scan`
-  * `AttributeUpdates` Used by: `UpdateItem`
-  * `Expected` Used by: `DeleteItem, PutItem, UpdateItem`
-  * `Item` Used by: `PutItem`
-  * `ScanFilter` Used by: `Scan`
-
-  
+`dynamodb:Attributes` |  Represents a list of the _top-level_ attributes accessed by a request. A top-level attribute is accessed by a request if it, or any nested attribute that it contains, is specified in the request parameters or returned from the request. For example, a `GetItem` request that specifies a `ProjectionExpression` of `"Name, Address.City"`, the `dynamodb:Attributes` list would include "Name" and "Address".