AWS re:Postを使用することにより、以下に同意したことになります AWS re:Post 利用規約
AWS re:Postre:Post

Is it possible to modify the JITP Policy for a registered CA?

0

Once the CA is registered, I can't see how to change the JITP policy. The only way I found was to remove the CA and register it again with the new policy, which can be inconvenient.

Is there any way to update the JITP policy?

Txs!

トピック
モノのインターネット (IoT)
タグ
AWS IoT CoreAWS IoT Device Management
言語
English
pfuentes69
質問済み 1年前275ビュー
2回答
1

Another option would be to use a policy name in your provisioning template. With a policy name you can reference an existing policy which you can change outside of the provisioning template.

Cheers,
Philipp

AWS
エキスパート
Philipp S
回答済み 1年前
  • pfuentes69
    1年前

    Thanks, Philipp! This sound quite more practical. I checked the man page and I only see reference to the policy names referring to the security policy inside the JITP policy, but not to the full JITP policy itself? Can you point me to some instructions on how to specify the policy name when registering a CA? Cheers!

  • Philipp S エキスパート
    1年前

    Hi pfuentes69, please take a look at the link I posted and search for PolicyName. To use a named policy you create your IoT policy before you use it in the template. Assuming you named the policy my_aws_iot_policy your template entry would look similar to:

    "policy" : {
            "Type" : "AWS::IoT::Policy",
            "Properties" : {
                "PolicyName" : "my_aws_iot_policy"
            }
        }
0

I think I found an answer... aws iot update-ca-certificate --certificate-id $CA_CERTIFICATE_ID \ --no-remove-auto-registration \ --new-auto-registration-status ENABLE \ --registration-config "<NEW_POLICY>"

As explained here: https://catalog.us-east-1.prod.workshops.aws/workshops/7c2b04e7-8051-4c71-bc8b-6d2d7ce32727/en-US/provisioning-options/just-in-time-provisioning

pfuentes69
回答済み 1年前

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ