1 Answer
Let's try to take it step by step. First, the policy you are required to use for your Thing is an IoT policy, and not an IAM policy, which is for IAM identities (users, user groups, and roles). The policy should be attached to a certificate. The certificate should be attached to a Thing. I'd suggest starting by enabling logging in the 'Settings' page of the AWS IoT Console, and using an overly permissive IoT policy (1) until you make it work. Once you succeed in connecting and subscribing/publishing, modify the IoT policy to include what you need.
(1) Not for production

    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "iot:*"
          ],
          "Resource": "*"
        }
      ]
    }
answered 2 years ago
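A scoped replacement for the wildcard policy in the answer above, added here as an example and not taken from the original answer. `<REGION>`, `<ACCOUNT_ID>`, `<CLIENT_ID>` and `<TOPIC_PREFIX>` are placeholders to fill in for your own account, MQTT client ID and topic tree.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "iot:Connect",
      "Resource": "arn:aws:iot:<REGION>:<ACCOUNT_ID>:client/<CLIENT_ID>"
    },
    {
      "Effect": "Allow",
      "Action": ["iot:Publish", "iot:Receive"],
      "Resource": "arn:aws:iot:<REGION>:<ACCOUNT_ID>:topic/<TOPIC_PREFIX>/*"
    },
    {
      "Effect": "Allow",
      "Action": "iot:Subscribe",
      "Resource": "arn:aws:iot:<REGION>:<ACCOUNT_ID>:topicfilter/<TOPIC_PREFIX>/*"
    }
  ]
}
```

Each action takes a different resource type: `client/` for `iot:Connect`, `topic/` for `iot:Publish` and `iot:Receive`, and `topicfilter/` for `iot:Subscribe`. The same actions and ARN forms are used when the statements sit in an IAM policy for Signature Version 4 connections.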
Thanks for the reply. We originally were using associated certificates for policy association. However, to get past security requirements for Android app store, we had to use MQTT over websockets and Signature Version 4 authentication. It then just uses https/wss protocol instead. That eliminates the certificate need at the mobile app, thus eliminating some security requirements. We also did enable the logging on the AWS IoT console. We have seen some really generic failures coming in but nothing to help build out a proper Resource ARN to lock things down. Thanks for the advice.