End of support notice: On May 20, 2026, Amazon will end support for Amazon IoT Events. After May 20, 2026, you will no longer be able to access the Amazon IoT Events console or Amazon IoT Events resources. For more information, see Amazon IoT Events end of support.
Access one Amazon IoT Events input
Granular access control to Amazon IoT Events inputs is important for maintaining security in multi-user or multi-team environments. This section shows how to create IAM policies that grant access to specific Amazon IoT Events inputs while restricting access to others.
In this example, you can grant a user in your Amazon Web Services account access to one of your
Amazon IoT Events inputs, exampleInput. You also can allow the user to add, update, and
delete inputs.
The policy grants the
iotevents:ListInputs, iotevents:DescribeInput,
iotevents:CreateInput, iotevents:DeleteInput, and
iotevents:UpdateInput permissions to the user.
For an example
walkthrough for the Amazon Simple Storage Service (Amazon S3) that grants permissions to users and tests them
using the console, see Controlling access to a bucket with
user policies.
{ "Version":"2012-10-17", "Statement":[ { "Sid":"ListInputsInConsole", "Effect":"Allow", "Action":[ "iotevents:ListInputs" ], "Resource":"arn:aws-cn:iotevents:::*" }, { "Sid":"ViewSpecificInputInfo", "Effect":"Allow", "Action":[ "iotevents:DescribeInput" ], "Resource":"arn:aws-cn:iotevents:::exampleInput" }, { "Sid":"ManageInputs", "Effect":"Allow", "Action":[ "iotevents:CreateInput", "iotevents:DeleteInput", "iotevents:DescribeInput", "iotevents:ListInputs", "iotevents:UpdateInput" ], "Resource":"arn:aws-cn:iotevents:::exampleInput/*" } ] }