Example: Access an Amazon IoT Events resource in a specified region - Amazon IoT Events
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

End of support notice: On May 20, 2026, Amazon end support for Amazon IoT Events. After May 20, 2026, you will no longer be able to access the Amazon IoT Events console or Amazon IoT Events resources. For more information, visit this Amazon IoT Events end of support.

Example: Access an Amazon IoT Events resource in a specified region

This example demonstrates how to configure an IAM role to access Amazon IoT Events resources in a specific Amazon region. By using region-specific ARNs in your IAM policies, you can restrict access to Amazon IoT Events resources across different geographical areas. This approach can help maintain security and compliance in multi-region deployments. The region in this example is us-east-1.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Service": [
          "iotevents.amazonaws.com"
        ]
      },
      "Action": "sts:AssumeRole",
      "Condition": {
        "StringEquals": {
          "aws:SourceAccount": "account_id"
        },
        "ArnEquals": {
          "aws:SourceArn": "arn:aws:iotevents:us-east-1:account_id:*"
        }
      }
    }
  ]
}