1 Answer
- Newest
- Most votes
- Most comments
1
Hello,
I'm sorry to say that no, there is no way to assign a role for Greengrass to use at a Thing Group level. The individual things will all need their own permission to assume the role. The permission to assume the role could be stored in one IoT Policy which is then attached to each Thing's certificate; that way at least you don't need to duplicate policies.
Relevant content
- asked 3 years ago
- asked 4 months ago
- Accepted Answerasked 2 years ago
- AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 9 months ago
- AWS OFFICIALUpdated a year ago
Thank you. I guess one could emulate this by having one token exchange role per group and specifying the "group role" during the device install.
Yes, if you have thing groups with unique access requirements, then you can have different roles for each. Note that you are limited to 100 IoT Role Aliases per region, so you can only do that with 100 groups.