How can I restrict certain topics when not using AWS Cognito?

0

I am using AWS IoT for a webapp and I need to restrict some topics so that only a specific user (client) can connect to them.

How can I achieve this? My app uses lambda functions with topicRule event listeners to trigger application code. I'm using the beta custom authentication and passing IoT authentication data through the username/password at connect.

I am not using cognito for authentication and again my javascript app sends auth token when connecting to mqtt. The developer guide only shows how to do it when using cognito which I am not (https://docs.aws.amazon.com/iot/latest/developerguide/pub-sub-policy.html).

How could I check the authentication data when a client attempts to subscribe to a certain topic and verify they are authorized to do so?

Thanks!

Edited by: phasetwo on Aug 15, 2020 1:10 AM

borg
asked 2 years ago20 views
1 Answer
0

solved by using custom authorizer function and specifying a policy specific to a logged in user

borg
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions