Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

What can be achieved by AttachThingPrincipal API when used with Cognito Identity?

0

Hi,

It is not quite clear in the documentation what can be achieved by using "AttachThingPrincipal" API with Cognito Identity. I know that by calling "AttachPolicy", I can attach IoT Policy to Cognito Identity to give it access to IoT Core.

Regarding "AttachThingPrincipal" the documentation states that:

You can use the AttachThingPrincipal API to attach certificates and authenticated Amazon Cognito identities to a thing. iot:Connection.Thing.ThingName is a useful thing policy variable to enforce client ID restrictions.

Does this mean that after attaching Cognito Identity to a Thing by using "AttachThingPrincipal" API, the Identity will be mapped to this Thing and ${iot:Connection.Thing.ThingName} set in policy attached to Cognito Identity will be resolved as Thing Name?

Argomenti
Internet delle cose (IoT)Sicurezza, identità e conformità
Tag
AWS IoT CoreAmazon Cognito
Lingua
English
K676
posta un anno fa245 visualizzazioni
1 Risposta
1
Risposta accettata

Yes, your understanding is correct. In order to be able to use the Thing Policy variables in the AWS IoT Policies, the principal (certificate or Cognito Identity) must have been associated with a Thing.

AWS
ESPERTO
MassimilianoAWS
con risposta un anno fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente