Status: IN
To properly restrict DynamoDB attribute-level access, you must combine all three condition keys: `dynamodb:Attributes`, `dynamodb:Select`, and `dynamodb:ReturnValues`.
Source: entries/2026/03/11/amazondynamodb-latest-developerguide-specifying-conditionshtml.md