joncarlson

Reputation: 165

AWS IoT websocket connection returns a 403

I keep receiving a 403 when trying to connect via WebSocket to AWS IoT. I have a Cognito federated pool set up, which connects fine and returns credentials. It's after that step, when I update the WebSocket credentials, that I start getting 403s.

I've done the following steps:

  1. I've set up IoT and have a certificate and policy set up.
  2. I created a Cognito Federated Identity Pool that allows unauthenticated users.
  3. The unauthenticated role has full access to IoT (policy below)

Here's the unauthenticated role policy:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "mobileanalytics:PutEvents",
                "cognito-sync:*",
                "iot:*"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}

Any ideas? Am I missing a step?

Upvotes: 3

Views: 1198

Answers (1)

Steffan Perry

Reputation: 2358

I know this is a bit old, but we had the same issue today; however, it only seemed to happen to one company's users. So after a little digging I discovered their computers' times were off by about 8 minutes. This was causing the certificate to be expired or invalid. Simply changing the computers' times to the correct time, or, as we did, getting the difference between the correct time from the server and the local machine and accounting for that difference when sending the request, fixed the issue.

Upvotes: 4
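
The workaround described in the answer above (measure the difference between server time and local time, then account for it when sending the request), sketched as an added example that is not part of the original answer or of any AWS SDK. All function names are hypothetical, the sample values are constructed, and it assumes the server time comes from the `Date` header of a response from your own application server.

```javascript
// Added example: estimate local clock skew from a server-supplied time and
// apply it to the timestamp used when signing the WebSocket request.
// Function names are hypothetical; sample values are constructed.

// Parse an HTTP Date header (1-second resolution) into epoch milliseconds.
function parseServerDate(dateHeader) {
  const ms = Date.parse(dateHeader);
  if (Number.isNaN(ms)) {
    throw new Error(`unparseable Date header: ${dateHeader}`);
  }
  return ms;
}

// Offset = server time - local time. The midpoint of the round trip is used
// as the local instant at which the server stamped its response.
function clockOffsetMs(dateHeader, sentAtMs, receivedAtMs) {
  const localMid = sentAtMs + (receivedAtMs - sentAtMs) / 2;
  return Math.round(parseServerDate(dateHeader) - localMid);
}

// Timestamp in the YYYYMMDD'T'HHMMSS'Z' (UTC) form used when signing,
// taken from the local clock shifted by the measured offset.
function amzDate(localNowMs, offsetMs) {
  return new Date(localNowMs + offsetMs)
    .toISOString()
    .replace(/[:-]|\.\d{3}/g, "");
}

// True when the skew exceeds a tolerance the caller chooses (assumption:
// the caller knows what skew the service accepts). Worth logging, since a
// 403 caused by skew looks the same as a 403 caused by a policy problem.
function skewExceeds(offsetMs, toleranceMs) {
  return Math.abs(offsetMs) > toleranceMs;
}

// Constructed scenario: the local clock runs about 8 minutes slow.
function demo() {
  const sentAt = Date.UTC(2024, 0, 15, 12, 0, 0);    // local clock reading
  const receivedAt = sentAt + 200;                   // 200 ms round trip
  const header = "Mon, 15 Jan 2024 12:08:00 GMT";    // server's Date header
  const offset = clockOffsetMs(header, sentAt, receivedAt);
  return {
    offset,
    uncorrected: amzDate(receivedAt, 0),
    corrected: amzDate(receivedAt, offset),
    flagged: skewExceeds(offset, 60 * 1000),         // constructed tolerance
  };
}
```

Measure the offset once at startup and again after a failed connection, because a device's clock can drift or be changed while the page stays open.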
