如何在代码中创建AWS SNS主题(iOS Mobile Hub SDK)

时间:2016-05-05 21:26:41

标签: ios aws-sdk amazon-sns

我想在代码中动态创建Amazon SNS主题。我正在使用适用于iOS的AWS Mobile Hub sdk。

当我尝试创建主题时

SELECT CASE WHEN section_subsubkategorie.FK_SubSubKategorie IS NULL THEN 'section does not contain subsubkategorie' ELSE convert(varchar(10), section_subsubkategorie.FK_SubSubKategorie, 121)  END AS IDX, *
        FROM tbSection as section
                INNER JOIN tbSection_SubSubKategorie as section_subsubkategorie ON section.Id = section_subsubkategorie.FK_Section_ID
                LEFT JOIN tbSubSubKategorie as subkategorie 
                ON section_subsubkategorie.FK_SubSubKategorie = subkategorie.Id

我从AWS收到错误:

…
AWSSNSCreateTopicInput* input = [AWSSNSCreateTopicInput new];
NSString* name = @"topic_name";
[input setName:name];

[[[[AWSSNS defaultSNS] createTopic:input] continueWithSuccessBlock:^id _Nullable(AWSTask<AWSSNSCreateTopicResponse *> * _Nonnull task)
…

(角色/凭据)表示IAM角色及其Cognito凭据。 (主题)是我通过给出主题名称

请求的主题的ARN

AWS Mobile Hub为我的移动中心角色创建了以下推送策略:

<Message>User: (role/credentials) is not authorized to perform: SNS:CreateTopic on resource: (topic)</Message>

我尝试添加行

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "sns:CreatePlatformEndpoint",
                "sns:GetEndpointAttributes",
                "sns:SetEndpointAttributes"
            ],
            "Resource": [
                "(APN role arn)"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "sns:Subscribe",
                "sns:Publish",
                "sns:Unsubscribe"
            ],
            "Resource": [
                "(dynamodb role arn)",
                "(Mobile Hub Role arn)"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "sns:ListTopics"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}

到中间的权限集(就在“sns:Subscribe”之上)但是没有解决错误。从错误消息和阅读AWS文档,似乎我必须将策略附加到我创建的每个主题以便使用它。以下是AWS文档中可能相关的2个片段:

"sns:CreateTopic",


The following example shows the permissions that are automatically created by AWS Config for a new topic. This policy statement allows AWS Config to publish to a specified Amazon SNS topic.

If you want to use an existing SNS topic from another account or you set up your delivery channel using the API, make sure to attach the following policy to the SNS topic.

{
  "Id": "Policy1415489375392",
  "Statement": [
    {
      "Sid": "AWSConfigSNSPolicy20150201",
      "Action": [
        "SNS:Publish"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:sns:region:account-id:myTopic",
      "Principal": {
        "Service": [
          "config.amazonaws.com"
        ]
      }
    }
  ]
}

这是我能够找到的关于使用sdk创建主题的全部内容。任何人都可以提供或指出一个完整的例子吗?

由于

1 个答案:

答案 0 :(得分:0)

亚马逊SNS的AWS论坛(简单通知服务),支持移动推送的服务,可能是获得此主题帮助的更好地方。
https://forums.aws.amazon.com/forum.jspa?forumID=72

问题似乎是适当的移动应用用户IAM角色没有创建主题的权限。默认情况下,Mobile Hub不向移动应用用户授予创建SNS主题的权限。你应该将sns:CreateTopic权限添加到具有sns的语句:ListTopic,就像这样...... 

    {
        "Effect": "Allow",
        "Action": [
            "sns:ListTopics",
            "sns:CreateTopic",
        ],
        "Resource": [
            "*"
        ]
    }
相关问题
最新问题