创建 Amazon IoT 策略 - Amazon IoT Core
Amazon Web Services 文档中描述的 Amazon Web Services 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅中国的 Amazon Web Services 服务入门

创建 Amazon IoT 策略

创建 Amazon IoT 策略,以允许您的 Raspberry Pi 连接到 Amazon IoT 和向其发送消息。

  1. Amazon IoT 控制台中,如果显示 Get started (开始使用) 按钮,请选择该按钮。否则,请在导航窗格中展开 Secure (安全),然后选择 Policies (策略)

  2. 如果显示您还没有任何策略对话框,请选择创建策略。否则,选择 Create

  3. 输入 Amazon IoT 策略的名称(例如 MoistureSensorPolicy)。

  4. 添加声明部分中,将现有策略替换为以下 JSON。使用您的 Amazon Web Services 区域 和 Amazon Web Services 账户 账号替换区域账户

    { "Version": "2012-10-17", "Statement": [{ "Effect": "Allow", "Action": "iot:Connect", "Resource": "arn:aws:iot:region:account:client/RaspberryPi" }, { "Effect": "Allow", "Action": "iot:Publish", "Resource": [ "arn:aws:iot:region:account:topic/$aws/things/RaspberryPi/shadow/update", "arn:aws:iot:region:account:topic/$aws/things/RaspberryPi/shadow/delete", "arn:aws:iot:region:account:topic/$aws/things/RaspberryPi/shadow/get" ] }, { "Effect": "Allow", "Action": "iot:Receive", "Resource": [ "arn:aws:iot:region:account:topic/$aws/things/RaspberryPi/shadow/update/accepted", "arn:aws:iot:region:account:topic/$aws/things/RaspberryPi/shadow/delete/accepted", "arn:aws:iot:region:account:topic/$aws/things/RaspberryPi/shadow/get/accepted", "arn:aws:iot:region:account:topic/$aws/things/RaspberryPi/shadow/update/rejected", "arn:aws:iot:region:account:topic/$aws/things/RaspberryPi/shadow/delete/rejected" ] }, { "Effect": "Allow", "Action": "iot:Subscribe", "Resource": [ "arn:aws:iot:region:account:topicfilter/$aws/things/RaspberryPi/shadow/update/accepted", "arn:aws:iot:region:account:topicfilter/$aws/things/RaspberryPi/shadow/delete/accepted", "arn:aws:iot:region:account:topicfilter/$aws/things/RaspberryPi/shadow/get/accepted", "arn:aws:iot:region:account:topicfilter/$aws/things/RaspberryPi/shadow/update/rejected", "arn:aws:iot:region:account:topicfilter/$aws/things/RaspberryPi/shadow/delete/rejected" ] }, { "Effect": "Allow", "Action": [ "iot:GetThingShadow", "iot:UpdateThingShadow", "iot:DeleteThingShadow" ], "Resource": "arn:aws:iot:region:account:thing/RaspberryPi" } ] }
  5. 选择创建