Unable to subscribe to an IoT topic


I am trying to subscribe to an AWS IoT topic using an MQTT client. The Python script is as follows:

import paho.mqtt.client as mqtt
import ssl

MQTT_BROKER = '<endpoint>'  # Public broker for testing
MQTT_TOPIC = 'dcw813/livetracking'  # Topic to subscribe to
MQTT_PORT = 8883  # Secure port for MQTT
CLIENT_ID = "webapp"  # Unique client ID


# MQTT settings
mqttc = mqtt.Client(mqtt.CallbackAPIVersion.VERSION2, CLIENT_ID)
mqttc.tls_set(ca_certs="AmazonRootCA1.pem",
               certfile="certificates/webapp/device-cert.pem.crt",
               keyfile="certificates/webapp/private.pem.key",
               tls_version=ssl.PROTOCOL_TLSv1_2)

# Callback when a message is received
def on_message(client, userdata, message):
    print(f"Received message: {message.payload.decode()} on topic: {message.topic}")


mqttc.on_message = on_message

mqttc.connect(MQTT_BROKER, MQTT_PORT)

# Subscribe to the topic with QoS level 1
mqttc.subscribe(MQTT_TOPIC, qos=1)

print(f"Subscribed to {MQTT_TOPIC}. Waiting for messages...")

# Loop forever to process incoming messages
mqttc.loop_forever()

If I use the following policy, I am unable to subscribe to the topic:


{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "iot:Subscribe",
      "Resource": [
        "arn:aws:iot:<REGION>:<ACCOUNT>:topic/+/livetracking",
        "arn:aws:iot:<REGION>:<ACCOUNT>:topic/+/attendance"
      ]
    },
    {
      "Effect": "Allow",
      "Action": "iot:Receive",
      "Resource": [
        "arn:aws:iot:<REGION>:<ACCOUNT>:topic/+/livetracking",
        "arn:aws:iot:<REGION>:<ACCOUNT>:topic/+/attendance"
      ]
    },
    {
      "Effect": "Allow",
      "Action": "iot:Connect",
      "Resource": "arn:aws:iot:<REGION>:<ACCOUNT>:client/${iot:ClientId}"
    }
  ]
}

When I change it to the following, it works fine. I cannot understand the problem. Please comment.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "iot:Subscribe",
      "Resource": "arn:aws:iot:<REGION>:<ACCOUNT>:*"
    },
    {
      "Effect": "Allow",
      "Action": "iot:Receive",
      "Resource": "arn:aws:iot:<REGION>:<ACCOUNT>:*"
    },
    {
      "Effect": "Allow",
      "Action": "iot:Connect",
      "Resource": "arn:aws:iot:<REGION>:<ACCOUNT>:client/${iot:ClientId}"
    }
  ]
}

To debug, I tried changing the policy to the following, but it did not work.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "iot:Connect",
        "iot:Publish",
        "iot:Subscribe",
        "iot:Receive",
        "iot:GetShadow",
        "iot:UpdateShadow",
        "iot:DeleteShadow",
        "iot:CreateKeysAndCertificate",
        "iot:CreateKeysAndCertificate",
        "iot:DescribeEndpoint",
        "iot:ListThings"
      ],
      "Resource": [
        "arn:aws:iot:<REGION>:<ACCOUNT>:client/*",
        "arn:aws:iot:<REGION>:<ACCOUNT>:thing/*",
        "arn:aws:iot:<REGION>:<ACCOUNT>:policy/*",
        "arn:aws:iot:<REGION>:<ACCOUNT>:cert/*",
        "arn:aws:iot:<REGION>:<ACCOUNT>:rule/*",
        "arn:aws:iot:<REGION>:<ACCOUNT>:topic/*",
        "arn:aws:iot:<REGION>:<ACCOUNT>:thing/*/shadow",
        "arn:aws:iot:<REGION>:<ACCOUNT>:job/*"
      ]
    }
  ]
}

Surprisingly, this does not work either.

amazon-web-services policy aws-iot subscribe
1 answer
0 votes

You need to use the topicfilter resource to subscribe to a filter, rather than topic. Something like this:
"arn:aws:iot:<REGION>:<ACCOUNT>:topicfilter/+/livetracking"

See the AWS documentation: https://docs.aws.amazon.com/iot/latest/developerguide/pub-sub-policy.html#pub-sub-specific-topic
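
The three outcomes in the question and the resource from the answer can be checked offline with a small model of how an Allow statement is matched. This is an added example, not code from the question, the answer or AWS; `allows`, `can_subscribe`, `stmt` and the trimmed policies are hypothetical names and constructed data. It assumes IAM-style `*` and `?` wildcards, treats MQTT `+` and `#` as literal characters in a policy resource, and does not model Deny statements or policy variables.

```python
import re

ARN = "arn:aws:iot:<REGION>:<ACCOUNT>:"  # placeholders, as on the page

def _match(pattern, value):
    # Policy wildcards: * is any run of characters, ? is one character.
    # MQTT's + and # have no special meaning inside a policy resource.
    rx = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(rx, value) is not None

def _as_list(x):
    return x if isinstance(x, list) else [x]

def allows(policy, action, resource):
    """True if some Allow statement covers (action, resource)."""
    for st in policy["Statement"]:
        if st.get("Effect") != "Allow":
            continue
        if any(_match(a, action) for a in _as_list(st["Action"])) and \
           any(_match(r, resource) for r in _as_list(st["Resource"])):
            return True
    return False

def can_subscribe(policy, topic_filter):
    # iot:Subscribe is checked against a topicfilter/ ARN built from the
    # filter string sent in SUBSCRIBE, not against a topic/ ARN.
    return allows(policy, "iot:Subscribe", ARN + "topicfilter/" + topic_filter)

def stmt(action, *resources):
    return {"Effect": "Allow", "Action": action,
            "Resource": [ARN + r for r in resources]}

# Constructed, trimmed copies of the policies on the page.
FIRST = {"Statement": [stmt("iot:Subscribe", "topic/+/livetracking",
                            "topic/+/attendance")]}
SECOND = {"Statement": [stmt("iot:Subscribe", "*")]}
THIRD = {"Statement": [stmt(["iot:Subscribe", "iot:Receive"],
                            "client/*", "thing/*", "topic/*")]}
ANSWER = {"Statement": [stmt("iot:Subscribe", "topicfilter/+/livetracking")]}
# Assumption added here: a policy wildcard in place of the MQTT one.
STAR = {"Statement": [stmt("iot:Subscribe", "topicfilter/*/livetracking")]}

if __name__ == "__main__":
    for name, pol in [("first", FIRST), ("second", SECOND), ("third", THIRD),
                      ("answer", ANSWER), ("star", STAR)]:
        print(name, can_subscribe(pol, "dcw813/livetracking"),
              can_subscribe(pol, "+/livetracking"))
```

The second policy works only because `:*` also covers `topicfilter/` ARNs; scoping it to `topicfilter/` resources keeps the subscription working without granting `iot:Subscribe` on every resource type.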
