1 Answer
- Newest
- Most votes
- Most comments
0
HI,
I would suggest you look into this solution https://docs.aws.amazon.com/solutions/latest/smart-product-solution/architecture.html for a more scalable approach in a scenario where you have devices and users, typical of a smart product application.
For your specific question, if you the certificate or the Cognito Identity is associated to an IoT Thing, you can use the policy variable in the Resource
definition as follow:
{
"Effect": "Allow",
"Action": [
"iot:Connect"
],
"Resource": [
"arn:aws:iot:us-east-1:123456789012:client/${iot:Connection.Thing.ThingName}"
]
}
Note that the IoT Thing associated with the device certificate should be different from the IoT Thing associate with the Cognito Identity.
Relevant content
- asked a year ago
- asked 7 years ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated 3 years ago