IoT Policy rules for publishing directly to rules (basic ingestion)
The AWS IoT Core action resources documentation explains how you can formulate policy statements for resource-limiting iot:Publish.
I am wondering: can you use this control access to be able to publish to basic ingestion rules. What I'm looking to do is to allow certain clients to ONLY publish to rules via basic ingestion, perhaps specific rules. Is something like this this okay:
resources: ["arn:aws:iot:*:*:topic/$aws/rules/*"]
- 最新
- 投票最多
- 评论最多
Hello,
Yes, you can use "resources: ["arn:aws:iot:::topic/$aws/rules/*"]"
According to the below documentation, we can observe below:
Before you use Basic Ingest, verify that your device or application is using a policy that has publish permissions on $aws/rules/. Alternatively, you can specify permission for individual rules with $aws/rules/rule_name/ in the policy.
[+]. https://docs.aws.amazon.com/iot/latest/developerguide/iot-basic-ingest.html#iot-basic-ingest-use
相关内容
AWS 官方已更新 1 年前- AWS 官方已更新 1 年前
- AWS 官方已更新 1 年前
- AWS 官方已更新 1 年前
