Menu
AWS CloudFormation
User Guide (API Version 2010-05-15)

AWS::IoT::Policy

Use the AWS::IoT::Policy resource to declare an AWS IoT policy.

For information about working with AWS IoT policies, see Authorization in the AWS IoT Developer Guide.

Syntax

JSON

Copy
{ "Type": "AWS::IoT::Policy", "Properties": { "PolicyDocument": JSON object, "PolicyName": String } }

YAML

Copy
Type: "AWS::IoT::Policy" Properties: PolicyDocument: JSON object PolicyName: String

Properties

PolicyDocument

The JSON document that describes the policy.

Required: Yes

Type: JSON object

Update requires: Replacement

PolicyName

The name (the physical ID) of the AWS IoT policy.

Required: No

Type: String

Update requires: Replacement

Return Values

Ref

When you provide the logical ID of this resource to the Ref intrinsic function, Ref returns the policy name. For example:

Copy
{ "Ref": "MyPolicy" }

For more information about using the Ref function, see Ref.

Fn::GetAtt

Fn::GetAtt returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

Arn

The Amazon Resource Name (ARN) of the AWS IoT policy, such as arn:aws:iot:us-east-2:123456789012:policy/MyPolicy.

For more information about using Fn::GetAtt, see Fn::GetAtt.

Example

The following example declares an AWS IoT policy.

JSON

Copy
{ "AWSTemplateFormatVersion": "2010-09-09", "Resources": { "MyPolicy": { "Type": "AWS::IoT::Policy", "Properties": { "PolicyName": { "Ref": "NameParameter" }, "PolicyDocument": { "Version": "2012-10-17", "Statement": [{ "Effect": "Allow", "Action": [ "iot:Connect" ], "Resource": [ "*" ] }] } } } }, "Parameters": { "NameParameter": { "Type": "String" } } }

YAML

Copy
AWSTemplateFormatVersion: "2010-09-09" Resources: MyPolicy: Type: "AWS::IoT::Policy" Properties: PolicyName: Ref: "NameParameter" PolicyDocument: Version: "2012-10-17" Statement: - Effect: "Allow" Action: - "iot:Connect" Resource: - "*" Parameters: NameParameter: Type: "String"