2 個答案
- 最新
- 最多得票
- 最多評論
1
Please Check once below policy,
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "iot:Connect",
"Resource": ""
},
{
"Effect": "Allow",
"Action": [
"iot:Publish",
"iot:Receive"
],
"Resource": "arn:aws:iot:eu-central-1:624671744366:topic/${iot:Connection.Thing.ThingName}/"
},
{
"Effect": "Allow",
"Action": "iot:Subscribe",
"Resource": "arn:aws:iot:eu-central-1:624671744366:topicfilter/${iot:Connection.Thing.ThingName}/"
}
],
"Condition": {
"StringEquals": {
"iot:ClientId": "${iot:Connection.Thing.ThingName}"
}
}
}
已回答 1 個月前
0
Hi. Please see here in regards to the thing name policy variable: https://docs.aws.amazon.com/iot/latest/developerguide/thing-policy-variables.html
The thing name is obtained from the client ID in the MQTT Connect message sent when a thing connects to AWS IoT Core.
When you're replacing thing names with thing policy variables, the value of clientId in the MQTT connect message or the TLS connection must exactly match the thing name.
So it's currently not possible to use that policy variable and "have a flexible client_ID not restricted to thing name".
相關內容
- 已提問 7 個月前
- AWS 官方已更新 3 年前