{"id":"dynamodb-fgac-attribute-level-condition-keys","text":"DynamoDB supports attribute-level access control using the `dynamodb:Attributes` condition key with `ForAllValues:StringEquals` to restrict which attributes can be read or written, and `dynamodb:Select` set to `SPECIFIC_ATTRIBUTES` to prevent leaking disallowed attributes through index projections.","truth_value":"IN","source":"entries/2026/03/11/IAM-latest-UserGuide-reference_policies_examples_dynamodb_attributeshtml.md","source_url":"","source_hash":"9c1e099ef43cc3b6","justifications":[],"dependents":[],"metadata":{},"explanation":{"steps":[{"node":"dynamodb-fgac-attribute-level-condition-keys","truth_value":"IN","reason":"premise"}]}}