Hey, I just started with Serverless, so I am trying to be as precise as possible with my problem.
I am using AWS AppSync DynamoDB resolvers to use GraphQL to store and retrieve data in my Amazon DynamoDB table. Everything was working fine until I wanted to use Batch operations, specifically BatchDeleteItem.
I got the error that my user was missing the necessary permissions even though I specified in my Serverless.yml file the following:
    - Effect: "Allow"
      Action:
        - dynamodb:DescribeTable
        - dynamodb:Query
        - dynamodb:Scan
        - dynamodb:GetItem
        - dynamodb:PutItem
        - dynamodb:UpdateItem
        - dynamodb:DeleteItem
        - dynamodb:BatchWriteItem
        - dynamodb:BatchDeleteItem
I went into the IAM Management console and saw that, within the created policy, BatchWriteItem and BatchDeleteItem were missing:
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Action": [
            "dynamodb:DeleteItem",
            "dynamodb:GetItem",
            "dynamodb:PutItem",
            "dynamodb:Query",
            "dynamodb:Scan",
            "dynamodb:UpdateItem"
          ],
          "Resource": [
            "arn:aws:dynamodb:eu-central-1:MYID:table/MYTABLENAME",
            "arn:aws:dynamodb:eu-central-1:MYID:table/MYTABLENAME/*"
          ],
          "Effect": "Allow"
        }
      ]
    }
When I add the necessary permission manually to the policy, everything is working. But it is really important for me that this policy is created over the serverless.yml file and sls deploy.
Am I missing something here?
Thanks Ben!
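
The comparison the post does by eye in the IAM console, as an added example that is not part of the original post: it lists the actions declared in serverless.yml that the deployed policy does not allow. The inputs are constructed from the two snippets above; the function names are hypothetical, and Deny statements, NotAction, resources and conditions are not evaluated.

```python
import json
from fnmatch import fnmatchcase

# Constructed sample inputs mirroring the post: the actions declared in
# serverless.yml and the policy document shown in the IAM console.
DECLARED = [
    "dynamodb:DescribeTable", "dynamodb:Query", "dynamodb:Scan",
    "dynamodb:GetItem", "dynamodb:PutItem", "dynamodb:UpdateItem",
    "dynamodb:DeleteItem", "dynamodb:BatchWriteItem",
    "dynamodb:BatchDeleteItem",
]
DEPLOYED_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [{
    "Action": ["dynamodb:DeleteItem", "dynamodb:GetItem", "dynamodb:PutItem",
               "dynamodb:Query", "dynamodb:Scan", "dynamodb:UpdateItem"],
    "Resource": ["arn:aws:dynamodb:eu-central-1:MYID:table/MYTABLENAME",
                 "arn:aws:dynamodb:eu-central-1:MYID:table/MYTABLENAME/*"],
    "Effect": "Allow"
  }]
}
""")


def as_list(value):
    """IAM allows a single string or a list for Action and Statement."""
    return value if isinstance(value, list) else [value]


def allowed_patterns(policy):
    """Collect lower-cased Action patterns from every Allow statement."""
    patterns = []
    for stmt in as_list(policy.get("Statement", [])):
        if stmt.get("Effect") == "Allow" and "Action" in stmt:
            patterns += [a.lower() for a in as_list(stmt["Action"])]
    return patterns


def missing_actions(declared, policy):
    """Return declared actions that no Allow pattern in the policy covers.

    IAM action names are case-insensitive and may contain * and ? wildcards.
    """
    patterns = allowed_patterns(policy)
    return [a for a in declared
            if not any(fnmatchcase(a.lower(), p) for p in patterns)]


if __name__ == "__main__":
    for action in missing_actions(DECLARED, DEPLOYED_POLICY):
        print("declared but not deployed:", action)
```

Run against the policy JSON exported after each `sls deploy`, a non-empty result flags drift between the declared and the deployed permissions.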