{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "iot:Connect",
      "Resource": [
        "arn:aws:iot:us-east-2:000000000000:client/sub",
        "arn:aws:iot:us-east-2:000000000000:client/pub"
      ]
    },
    {
      "Effect": "Allow",
      "Action": "iot:Subscribe",
      "Resource": "arn:aws:iot:us-east-2:000000000000:topicfilter/org/cid/+/data"
    },
    {
      "Effect": "Allow",
      "Action": "iot:Publish",
      "Resource": "arn:aws:iot:us-east-2:000000000000:topic/org/cid/sample/data"
    },
    {
      "Effect": "Allow",
      "Action": "iot:Receive",
      "Resource": "arn:aws:iot:us-east-2:000000000000:topic/org/cid/sample/data"
    }
  ]
}
This is my publishing client:
mosquitto_pub -h endpoint-ats.iot.us-east-2.amazonaws.com -p 8883 -i pub --cafile aws-iot-root-ca-1.pem --cert pub-certificate.pem.crt --key pub-private.pem.key -t /org/cid/sample/data -m 'Hello'
This is my subscribing client:
mosquitto_sub -h endpoint-ats.iot.us-east-2.amazonaws.com -p 8883 -i sub --cafile aws-iot-root-ca-1.pem --cert sub-certificate.pem.crt --key sub-private.pem.key -t /org/cid/+/data -d
The subscription never goes through:
Client sub sending CONNECT
Client sub received CONNACK
Client sub sending SUBSCRIBE (Mid: 1, Topic: /org/cid/+/data, QoS: 0)
Client sub sending CONNECT
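The certificates are correctly attached to the policy.
Is there an option to define publish/subscribe settings per client identifier? What am I missing?

Answer #1
Two things:
'+' is not accepted as a wildcard for subscriptions. From the documentation:
"In a policy, the MQTT wildcard '+' is not treated as a wildcard. Attempts to subscribe to topic filters that match the pattern foo/+/bar, such as foo/baz/bar or foo/goo/bar, fail and cause the client to disconnect."
The topic string should not start with a slash.
So I changed the policy to have exact topic strings and removed the leading slash from my pub and sub clients. It works now.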
:roll-eyes:
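
An added example, not part of the original question or answer and not AWS's own evaluator: a simplified Python model of how the Allow statements in the policy above compare with the client id, topic, or topic filter a client actually sends. It assumes that only `*` and `?` act as wildcards inside a policy resource while MQTT `+` and `#` are compared as literal characters, and it does not model Deny statements; `POLICY`, `RESOURCE_TYPE` and `is_allowed` are names made up for the example.

```python
import re

ARN = "arn:aws:iot:us-east-2:000000000000:"

# The question's policy, reduced to (action, resource ARN) pairs.
POLICY = [
    ("iot:Connect", ARN + "client/sub"),
    ("iot:Connect", ARN + "client/pub"),
    ("iot:Subscribe", ARN + "topicfilter/org/cid/+/data"),
    ("iot:Publish", ARN + "topic/org/cid/sample/data"),
    ("iot:Receive", ARN + "topic/org/cid/sample/data"),
]

# Resource type each action is authorized against.
RESOURCE_TYPE = {
    "iot:Connect": "client",
    "iot:Subscribe": "topicfilter",
    "iot:Publish": "topic",
    "iot:Receive": "topic",
}


def _policy_regex(resource):
    """Compile a policy resource string. Assumption: only '*' and '?' are
    wildcards; every other character, including '+', '#' and '/', is literal."""
    parts = [".*" if c == "*" else "." if c == "?" else re.escape(c)
             for c in resource]
    return re.compile("".join(parts))


def is_allowed(action, name, policy=POLICY):
    """True if some Allow statement covers `action` on `name`, where `name`
    is the client id, topic or topic filter exactly as the client sends it."""
    requested = ARN + RESOURCE_TYPE[action] + "/" + name
    return any(act == action and _policy_regex(res).fullmatch(requested)
               for act, res in policy)


if __name__ == "__main__":
    checks = [
        ("iot:Subscribe", "/org/cid/+/data"),     # as sent by mosquitto_sub above
        ("iot:Subscribe", "org/cid/+/data"),      # same filter, no leading slash
        ("iot:Subscribe", "org/cid/sample/data"), # '+' in the policy is literal
        ("iot:Publish", "/org/cid/sample/data"),  # as sent by mosquitto_pub above
        ("iot:Publish", "org/cid/sample/data"),
    ]
    for action, name in checks:
        verdict = "allow" if is_allowed(action, name) else "deny"
        print(f"{action:14} {name!r:26} -> {verdict}")
```
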