AWS::IoT::Policy
Use the AWS::IoT::Policy resource to declare an AWS IoT policy.
For information about working with AWS IoT policies, see Authorization in the AWS IoT Developer Guide.
Syntax
JSON
{ "Type": "AWS::IoT::Policy", "Properties": { "PolicyDocument":JSON object, "PolicyName":String} }
YAML
Type: AWS::IoT::Policy Properties: PolicyDocument:JSON objectPolicyName:String
Properties
PolicyDocument-
The JSON document that describes the policy.
Required: Yes
Type: JSON object
Update requires: Replacement
PolicyName-
The name (the physical ID) of the AWS IoT policy.
Required: No
Type: String
Update requires: Replacement
Return Values
Ref
When you provide the logical ID of this resource to the Ref intrinsic
function, Ref returns the policy name. For example:
{ "Ref": "MyPolicy" }
For more information about using the Ref function, see Ref.
Fn::GetAtt
Fn::GetAtt returns a value for a specified attribute of this type.
The following are the available attributes and sample return values.
Arn-
The Amazon Resource Name (ARN) of the AWS IoT policy, such as
arn:aws:iot:us-east-2:123456789012:policy/MyPolicy.
For more information about using Fn::GetAtt, see Fn::GetAtt.
Example
The following example declares an AWS IoT policy.
JSON
{ "AWSTemplateFormatVersion": "2010-09-09", "Resources": { "MyPolicy": { "Type": "AWS::IoT::Policy", "Properties": { "PolicyName": { "Ref": "NameParameter" }, "PolicyDocument": { "Version": "2012-10-17", "Statement": [{ "Effect": "Allow", "Action": [ "iot:Connect" ], "Resource": [ "*" ] }] } } } }, "Parameters": { "NameParameter": { "Type": "String" } } }
YAML
AWSTemplateFormatVersion: "2010-09-09" Resources: MyPolicy: Type: AWS::IoT::Policy Properties: PolicyName: Ref: "NameParameter" PolicyDocument: Version: "2012-10-17" Statement: - Effect: "Allow" Action: - "iot:Connect" Resource: - "*" Parameters: NameParameter: Type: "String"
