How can I restrict certain topics when not using AWS Cognito?

0

I am using AWS IoT for a webapp and I need to restrict some topics so that only a specific user (client) can connect to them.

How can I achieve this? My app uses lambda functions with topicRule event listeners to trigger application code. I'm using the beta custom authentication and passing IoT authentication data through the username/password at connect.

I am not using cognito for authentication and again my javascript app sends auth token when connecting to mqtt. The developer guide only shows how to do it when using cognito which I am not (https://docs.aws.amazon.com/iot/latest/developerguide/pub-sub-policy.html).

How could I check the authentication data when a client attempts to subscribe to a certain topic and verify they are authorized to do so?

Thanks!

Edited by: phasetwo on Aug 15, 2020 1:10 AM

borg
已提问 4 年前190 查看次数
1 回答
0

solved by using custom authorizer function and specifying a policy specific to a logged in user

borg
已回答 3 年前

您未登录。 登录 发布回答。

一个好的回答可以清楚地解答问题和提供建设性反馈,并能促进提问者的职业发展。

回答问题的准则