2 Answers
- Newest
- Most votes
- Most comments
1
Another option would be to use a policy name in your provisioning template. With a policy name you can reference an existing policy which you can change outside of the provisioning template.
Cheers,
Philipp
0
I think I found an answer...
aws iot update-ca-certificate --certificate-id $CA_CERTIFICATE_ID \ --no-remove-auto-registration \ --new-auto-registration-status ENABLE \ --registration-config "<NEW_POLICY>"
As explained here: https://catalog.us-east-1.prod.workshops.aws/workshops/7c2b04e7-8051-4c71-bc8b-6d2d7ce32727/en-US/provisioning-options/just-in-time-provisioning
answered a year ago
Relevant content
- asked 4 months ago
- asked a year ago
- Can I use ACM to issue private certificates when the AWS Private CA validity is less than 13 months?AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated 4 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 5 years ago
Thanks, Philipp! This sound quite more practical. I checked the man page and I only see reference to the policy names referring to the security policy inside the JITP policy, but not to the full JITP policy itself? Can you point me to some instructions on how to specify the policy name when registering a CA? Cheers!
Hi pfuentes69, please take a look at the link I posted and search for
PolicyName
. To use a named policy you create your IoT policy before you use it in the template. Assuming you named the policymy_aws_iot_policy
your template entry would look similar to: