How can I restrict certain topics when not using AWS Cognito?


I am using AWS IoT for a webapp and I need to restrict some topics so that only a specific user (client) can connect to them.

How can I achieve this? My app uses lambda functions with topicRule event listeners to trigger application code. I'm using the beta custom authentication and passing IoT authentication data through the username/password at connect.

I am not using cognito for authentication and again my javascript app sends auth token when connecting to mqtt. The developer guide only shows how to do it when using cognito which I am not (

How could I check the authentication data when a client attempts to subscribe to a certain topic and verify they are authorized to do so?


Edited by: phasetwo on Aug 15, 2020 1:10 AM

asked 3 years ago132 views
1 Answer

solved by using custom authorizer function and specifying a policy specific to a logged in user

answered 3 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions