我正在尝试设置IoT设备以生成到iPhone应用程序的推送通知。该设备还发布有关AWSIoT的mqtt主题,iPhone应用程序认为该主题很好。我已经在AWS中“手动”创建了推送通知所需的设置,并验证了它也可以正常工作。但是,我需要在代码中大规模执行此操作(我有许多设备与iPhone的1:1连接)。因此,使用AWS开发工具包(快速),这些步骤可以正常工作: *创建sns主题 *创建平台端点 *订阅端点
但是在创建规则时,我得到一个AccessDeniedException。这是相关代码:
// Create a specific rule action
let snsAction = AWSIoTSnsAction()
snsAction?.messageFormat = AWSIoTMessageFormat.json
snsAction?.roleArn = self.iot2SNSRoleArn
snsAction?.targetArn = snsTopic.topicArn
// Add action to action 'list'
let action = AWSIoTAction()
action?.sns = snsAction
let payload = AWSIoTTopicRulePayload()
payload?.actions = [action!]
payload?.awsIotSqlVersion = "2016-03-23"
payload?.sql = "SELECT * FROM alerts"
let ruleRequest = AWSIoTCreateTopicRuleRequest()
ruleRequest?.ruleName = "alertRule_" + myID
ruleRequest?.topicRulePayload = payload
iot.createTopicRule(ruleRequest!).continueWith(executor: AWSExecutor.mainThread(), block: {(task: AWSTask!) -> AnyObject? in
if task.error != nil { print("AWS IoT Rule Error: \(String(describing: task.error))"); return nil }
if task.result == nil { print( "AWS IoT Rule ok.") }
return nil
})
对createTopicRule(ruleRequest!)的调用失败,并出现AccessDeniedException。
该角色已附加AmazonSNSFullAccess,AWSIoTFullAccess和AWSIoTRuleActions策略。 IoTCreateTopicRuleRequest()的文档指出,它需要管理员访问权限,但我不太了解哪种适用的策略-相当多,大多数/很多安全性清除方式太多。