AWS IoT
开发人员指南
AWS 文档中描述的 AWS 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅中国的 AWS 服务入门

创建 AWS IoT 策略

创建 AWS IoT 策略,以允许您的 Raspberry Pi 连接到 AWS IoT 和向其发送消息。

  1. AWS IoT 控制台中,如果显示 Get started (开始使用) 按钮,请选择该按钮。否则,请在导航窗格中展开 Secure (安全),然后选择 Policies (策略)

  2. 如果显示您还没有任何策略对话框,请选择创建策略。否则,选择 Create

  3. 输入 AWS IoT 策略的名称(例如 MoistureSensorPolicy)。

  4. 添加声明部分中,将现有策略替换为以下 JSON。将 <region><account> 替换为您的 AWS 区域和 AWS 账号。

    { "Version": "2012-10-17”, "Statement": [ { "Effect": “Allow”, "Action": "iot:Connect”, "Resource": "arn:aws:iot:<region>:<account>:client/RaspberryPi” }, { "Effect": “Allow”, "Action": "iot:Publish”, "Resource": [ "arn:aws:iot:<region>:<account>:topic/$aws/things/RaspberryPi/shadow/update”, "arn:aws:iot:<region>:<account>:topic/$aws/things/RaspberryPi/shadow/delete”, "arn:aws:iot:<region>:<account>:topic/$aws/things/RaspberryPi/shadow/get” ] }, { "Effect": “Allow”, "Action": "iot:Receive”, "Resource": [ "arn:aws:iot:<region>:<account>:topic/$aws/things/RaspberryPi/shadow/update/accepted”, "arn:aws:iot:<region>:<account>:topic/$aws/things/RaspberryPi/shadow/delete/accepted”, "arn:aws:iot:<region>:<account>:topic/$aws/things/RaspberryPi/shadow/get/accepted”, "arn:aws:iot:<region>:<account>:topic/$aws/things/RaspberryPi/shadow/update/rejected”, "arn:aws:iot:<region>:<account>:topic/$aws/things/RaspberryPi/shadow/delete/rejected”, "arn:aws:iot:<region>:<account>:topic/$aws/things/RaspberryPi/shadow/get/rejected” ] }, { "Effect": “Allow”, "Action": "iot:Subscribe”, "Resource": [ "arn:aws:iot:<region>:<account>:topicfilter/$aws/things/RaspberryPi/shadow/update/accepted”, "arn:aws:iot:<region>:<account>:topicfilter/$aws/things/RaspberryPi/shadow/delete/accepted”, "arn:aws:iot:<region>:<account>:topicfilter/$aws/things/RaspberryPi/shadow/get/accepted”, "arn:aws:iot:<region>:<account>:topicfilter/$aws/things/RaspberryPi/shadow/update/rejected”, "arn:aws:iot:<region>:<account>:topicfilter/$aws/things/RaspberryPi/shadow/delete/rejected”, "arn:aws:iot:<region>:<account>:topicfilter/$aws/things/RaspberryPi/shadow/get/rejected” ] }, { "Effect": “Allow”, "Action": [ "iot:GetThingShadow”, "iot:UpdateThingShadow”, "iot:DeleteThingShadow” ], "Resource": "arn:aws:iot:<region>:<account>:thing/RaspberryPi” } ] }
  5. 选择 Create