AWS::IoT::Policy - Amazon CloudFormation
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::IoT::Policy

Use the AWS::IoT::Policy resource to declare an Amazon IoT policy. For more information about working with Amazon IoT policies, see Authorization in the Amazon IoT Developer Guide.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{ "Type" : "AWS::IoT::Policy", "Properties" : { "PolicyDocument" : Json, "PolicyName" : String, "Tags" : [ Tag, ... ] } }

YAML

Type: AWS::IoT::Policy Properties: PolicyDocument: Json PolicyName: String Tags: - Tag

Properties

PolicyDocument

The JSON document that describes the policy.

Required: Yes

Type: Json

Minimum: 1

Maximum: 404600

Update requires: No interruption

PolicyName

The policy name.

Required: No

Type: String

Update requires: Replacement

Tags

Property description not available.

Required: No

Type: Array of Tag

Update requires: No interruption

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the policy name. For example:

{ "Ref": "MyPolicy" }

For more information about using the Ref function, see Ref.

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

Arn

The Amazon Resource Name (ARN) of the Amazon IoT policy, such as arn:aws:iot:us-east-2:123456789012:policy/MyPolicy.

Id

The name of this policy.

Examples

The following example declares an Amazon IoT policy. This example grants permission to connect to Amazon IoT with client ID client1.

JSON

{ "Type":"AWS::IoT::Policy", "Properties": { "PolicyDocument": { "Version":"2012-10-17", "Statement":[ { "Effect":"Allow", "Action":[ "iot:Connect" ], "Resource":[ "arn:aws:iot:us-east-1:123456789012:client/client1" ] } ] }, "PolicyName":"PolicyName" } }

YAML

Type: AWS::IoT::Policy Properties: PolicyDocument: Version: '2012-10-17' Statement: - Effect: - Allow Action: - iot:Connect Resource: - arn:aws:iot:us-east-1:123456789012:client/client1 PolicyName: PolicyName