1 Answer
Hi.
You can limit the topic a user can subscribe/publish to using the variable cognito-identity.amazonaws.com:sub in the IoT Core policy. Something like this:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "iot:Connect"
      ],
      "Resource": [
        "arn:aws:iot:<REGION>:<ACCOUNT_ID>:client/${cognito-identity.amazonaws.com:sub}"
      ],
      "Effect": "Allow"
    }
  ]
}
To connect you use temporary IAM credentials retrieved via the identity pool.
See AWS Documentation and this blog example
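The policy in the answer scopes only iot:Connect. As an added example (not part of the original answer), the same variable can scope publish, receive and subscribe so that each identity reaches only its own topic subtree. The `users/` topic prefix is an assumed layout; `<REGION>` and `<ACCOUNT_ID>` are placeholders as in the answer.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "iot:Connect"
      ],
      "Resource": [
        "arn:aws:iot:<REGION>:<ACCOUNT_ID>:client/${cognito-identity.amazonaws.com:sub}"
      ]
    },
    {
      "Effect": "Allow",
      "Action": [
        "iot:Publish",
        "iot:Receive"
      ],
      "Resource": [
        "arn:aws:iot:<REGION>:<ACCOUNT_ID>:topic/users/${cognito-identity.amazonaws.com:sub}/*"
      ]
    },
    {
      "Effect": "Allow",
      "Action": [
        "iot:Subscribe"
      ],
      "Resource": [
        "arn:aws:iot:<REGION>:<ACCOUNT_ID>:topicfilter/users/${cognito-identity.amazonaws.com:sub}/*"
      ]
    }
  ]
}
```

The first statement matches only when the MQTT client ID equals the caller's Cognito identity ID. For authenticated identities, AWS IoT also evaluates the IoT policy attached to the identity itself (the AttachPolicy API), in addition to the IAM policy on the identity pool role.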
In this way I created both an IoT policy and an IAM policy, but it does not work. What else can I do?