本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。 # 物件政策範例 如果用於向 驗證的憑證 AWS IoT Core 連接到正在評估政策的物件,則下列政策允許裝置連線: **** ``` { "Version":"2012-10-17", "Statement":[ { "Effect":"Allow", "Action":["iot:Connect"], "Resource":[ "*" ], "Condition": { "Bool": { "iot:Connection.Thing.IsAttached": ["true"] } } } ] } ``` 下列政策在憑證連接至具有特定物件類型的物件,且該物件的 `attributeName` 屬性具有 `attributeValue` 值時,允許裝置發佈。如需物件政策變數的詳細資訊,請參閱[物件政策變數](thing-policy-variables.md)。 **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "iot:Publish" ], "Resource": "arn:aws:iot:us-east-1:123456789012:topic/device/stats", "Condition": { "StringEquals": { "iot:Connection.Thing.Attributes[attributeName]": "attributeValue", "iot:Connection.Thing.ThingTypeName": "Thing_Type_Name" }, "Bool": { "iot:Connection.Thing.IsAttached": "true" } } } ] } ``` 下列政策允許裝置發佈至以物件屬性開頭的主題。如果裝置憑證與物件沒有關聯,則無法解析此變數,並會導致存取遭拒錯誤。如需物件政策變數的詳細資訊,請參閱[物件政策變數](thing-policy-variables.md)。 **** ``` { "Version":"2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "iot:Publish" ], "Resource": "arn:aws:iot:us-east-1:123456789012:topic/${iot:Connection.Thing.Attributes[attributeName]}/*" } ] } ```