Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

AWS IoT Core policy variables

Focus mode
AWS IoT Core policy variables - AWS IoT Core

AWS IoT Core defines policy variables that can be used in AWS IoT Core policies in the Resource or Condition block. When a policy is evaluated, the policy variables are replaced by actual values. For example, if a device is connected to the AWS IoT Core message broker with a client ID of 100-234-3456, the iot:ClientId policy variable is replaced in the policy document by 100-234-3456.

AWS IoT Core policies can use wildcard characters and follow a similar convention to IAM policies. Inserting an * (asterik) in the string can be treated as a wildcard, matching any characters. For example, you can use * to describe multiple MQTT topic names in the Resource attribute of a policy. The characters + and # are treated as literal strings in a policy. For an example policy that shows how to use wildcards, see Using wildcard characters in MQTT and AWS IoT Core policies.

You can also use predefined policy variables with fixed values to represent characters that otherwise have special meaning. These special characters include $(*), $(?), and $($). For more information about policy variables and the special characters, see IAM Policy elements: Variables and tags and Creating a condition with multiple keys or values.

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.