2回答
- 新しい順
- 投票が多い順
- コメントが多い順
1
Please Check once below policy,
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "iot:Connect",
"Resource": ""
},
{
"Effect": "Allow",
"Action": [
"iot:Publish",
"iot:Receive"
],
"Resource": "arn:aws:iot:eu-central-1:624671744366:topic/${iot:Connection.Thing.ThingName}/"
},
{
"Effect": "Allow",
"Action": "iot:Subscribe",
"Resource": "arn:aws:iot:eu-central-1:624671744366:topicfilter/${iot:Connection.Thing.ThingName}/"
}
],
"Condition": {
"StringEquals": {
"iot:ClientId": "${iot:Connection.Thing.ThingName}"
}
}
}
回答済み 1ヶ月前
0
Hi. Please see here in regards to the thing name policy variable: https://docs.aws.amazon.com/iot/latest/developerguide/thing-policy-variables.html
The thing name is obtained from the client ID in the MQTT Connect message sent when a thing connects to AWS IoT Core.
When you're replacing thing names with thing policy variables, the value of clientId in the MQTT connect message or the TLS connection must exactly match the thing name.
So it's currently not possible to use that policy variable and "have a flexible client_ID not restricted to thing name".
関連するコンテンツ
- AWS公式更新しました 2年前