
aws-mqtt

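---
# CloudFormation stack backing the chat example, the publish example and the
# integration tests: one Cognito identity pool that hands out guest
# credentials, plus the IAM roles those credentials map to.
AWSTemplateFormatVersion: "2010-09-09"
Description: >
  All resources to be able to run chat example, publish example and
  integration tests.

Resources:
  IdentityPool:
    Type: AWS::Cognito::IdentityPool
    Properties:
      # Guest access is intentional here: the examples run without sign-in.
      # Anyone who knows the pool id can obtain credentials for
      # UnauthenticatedRole, so that role must stay minimal.
      AllowUnauthenticatedIdentities: true

  UnauthenticatedRole:
    Type: AWS::IAM::Role
    Properties:
      # Trust policy: only unauthenticated identities issued by THIS pool
      # may assume the role.
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: "Allow"
            Principal:
              Federated: "cognito-identity.amazonaws.com"
            Action:
              - "sts:AssumeRoleWithWebIdentity"
            Condition:
              StringEquals:
                "cognito-identity.amazonaws.com:aud": !Ref IdentityPool
              "ForAnyValue:StringLike":
                "cognito-identity.amazonaws.com:amr": "unauthenticated"
      Policies:
        - PolicyName: "root"
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              # Was Action "*" on Resource "*", i.e. full account access for
              # every anonymous guest. Restricted to the IoT data-plane
              # actions an MQTT client uses.
              # NOTE(review): confirm the integration tests need nothing
              # beyond these four actions, and narrow Resource to the
              # client-id and topic ARNs the examples actually use.
              - Effect: "Allow"
                Action:
                  - "iot:Connect"
                  - "iot:Publish"
                  - "iot:Subscribe"
                  - "iot:Receive"
                Resource: "*"

  AuthenticatedRole:
    Type: AWS::IAM::Role
    Properties:
      # Trust policy: Cognito federates through
      # sts:AssumeRoleWithWebIdentity (not sts:AssumeRole), and without the
      # aud/amr conditions the role would not be bound to this pool.
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: "Allow"
            Principal:
              Federated: "cognito-identity.amazonaws.com"
            Action:
              - "sts:AssumeRoleWithWebIdentity"
            Condition:
              StringEquals:
                "cognito-identity.amazonaws.com:aud": !Ref IdentityPool
              "ForAnyValue:StringLike":
                "cognito-identity.amazonaws.com:amr": "authenticated"
      Policies:
        - PolicyName: "root"
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              # NOTE(review): "iot:*" also covers IoT control-plane actions
              # (things, policies, certificates). Narrow this to the
              # data-plane actions if the examples need nothing more.
              - Effect: "Allow"
                Action: "iot:*"
                Resource: "*"

  # Binds both roles to the pool so Cognito knows which role to vend for
  # guest and for signed-in identities.
  GuestRoleAttachment:
    Type: AWS::Cognito::IdentityPoolRoleAttachment
    Properties:
      IdentityPoolId: !Ref IdentityPool
      Roles:
        unauthenticated: !GetAtt UnauthenticatedRole.Arn
        authenticated: !GetAtt AuthenticatedRole.Arn

Outputs:
  # Identity pool id consumed by the examples and tests.
  IdentityPool:
    Value: !Ref IdentityPool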