plentyofbytes closed 1 year ago
Apologies for the late response. Policies are very much application specific. I would encourage you to read the section on policies in the AWS IoT Core documentation: https://docs.aws.amazon.com/iot/latest/developerguide/iot-policies.html
I discovered my inability to connect to MQTT service was because my Thing policy was incorrect. I am not knowledgeable enough to give it a proper fix, but I just added this to the Connection Allows:
"arn:aws:iot:::client/*"
Essentially, I am being given permission to connect to various services (or topics? or something else?), but not the right one. Again, I'm not sure what I actually need to put here, but putting a wildcard resolved it for me. I am using the iot-core lambda to provision.
My policy looks more like this now:

```json
{
  "Effect": "Allow",
  "Action": [
    "iot:Connect"
  ],
  "Resource": [
    "arn:aws:iot:::client/sdk-java",
    "arn:aws:iot:::client/basicPubSub",
    "arn:aws:iot:::client/sdk-nodejs-",
    "arn:aws:iot:::client/*"
  ]
}
```
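The `Resource` entries of an `iot:Connect` statement are MQTT client IDs, so the sample list only admits those exact IDs and `client/*` admits any ID. The sketch below is an added example, not code from this thread or from AWS: a simplified matcher (only `*` wildcards, no Deny or Condition handling) that compares the sample list, the wildcard fix, and a scoped alternative using the `${iot:Connection.Thing.ThingName}` policy variable. The policies, client IDs and function names are constructed for illustration.

```python
import re

ARN_PREFIX = "arn:aws:iot:::client/"  # region/account left blank, as in the post
THING_VAR = "${iot:Connection.Thing.ThingName}"  # AWS IoT policy variable

def _statement(resources):
    return {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": ["iot:Connect"], "Resource": resources}]}

# Constructed policies: part of the sample list from the post, the wildcard
# fix, and a scoped alternative that ties the client ID to the thing name.
# Assumption: for SCOPED the certificate is attached to a registered thing.
SAMPLE = _statement([ARN_PREFIX + "sdk-java", ARN_PREFIX + "basicPubSub"])
WILDCARD = _statement(SAMPLE["Statement"][0]["Resource"] + [ARN_PREFIX + "*"])
SCOPED = _statement([ARN_PREFIX + THING_VAR])

def _matches(pattern, arn):
    # Simplification: only '*' is treated as a wildcard.
    regex = ".*".join(re.escape(part) for part in pattern.split("*"))
    return re.fullmatch(regex, arn) is not None

def connect_patterns(policy, thing_name=""):
    """Resource patterns of Allow statements that grant iot:Connect."""
    found = []
    for stmt in policy["Statement"]:
        actions = stmt["Action"]
        actions = [actions] if isinstance(actions, str) else actions
        if stmt["Effect"] == "Allow" and "iot:Connect" in actions:
            resources = stmt["Resource"]
            resources = [resources] if isinstance(resources, str) else resources
            found += [r.replace(THING_VAR, thing_name) for r in resources]
    return found

def can_connect(policy, client_id, thing_name=""):
    """Would this client ID match an allowed iot:Connect resource?"""
    arn = ARN_PREFIX + client_id
    return any(_matches(p, arn) for p in connect_patterns(policy, thing_name))

def any_client_allowed(policy):
    """True when some iot:Connect resource accepts every client ID."""
    return any(p == "*" or p.endswith(":client/*")
               for p in connect_patterns(policy))
```
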