David
Reputation: 1174
AWS IoT: ForbiddenException: Forbidden
I'm expieriencing an error, while trying the getThingShadow() method.
No Node.js, just plain Javascript.
The related Code:
var params = {
thingName: 'test123'
};
var iotdata = new AWS.IotData({
accessKeyId: AWS.config.credentials.accessKeyId,
secretKey: AWS.config.credentials.secretAccessKey,
sessionToken: AWS.config.credentials.sessionToken,
region: AWSConfiguration.region,
endpoint: AWSConfiguration.host
});
iotdata.getThingShadow(params, function (err, data) {
if (err) {
console.log(err, err.stack);
}
else {
console.log(data);
}
});
The error Message:
GET https://XXX.eu-central-1.amazonaws.com/things/test123/shadow
[HTTP/1.1 403 Forbidden 106ms] ForbiddenException: Forbidden
Stack-Trace: //many many lines of unrelevant text
My IAM Rules:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"iot:Publish",
"iot:Subscribe",
"iot:Connect",
"iot:Receive",
"iot:UpdateThingShadow",
"iot:GetThingShadow"
],
"Resource": [
"*"
]
}
]
}
You may see, i allowed literally EVERYTHING, still i'm getting the Forbidden exception, why? BTW: The User Authentication (AWS-Cognito) is successful, i'm receiving all needed credentials.
Upvotes: 0
Views: 1874
Answers (1)
David
Reputation: 1174
Solved it by attaching the cognitoID to policy via IoT web-console (manually) and it works.
Upvotes: 1
Related Questions
- Forbidden: 403 error aws Device Shadow REST API
- AWS IOT - Credential should be scoped to correct service
- iot.listDimensions is not a function
- AWS IOT Struggling with getting thing shodow
- AWS IoT Javascript SDK can not create client
- Uncaught Error: Script error for "aws-sdk"
- AWS IoT: ForbiddenException: Forbidden when trying iotData.getThingShadow() in browser
- AWS IoT websocket connection returns a 403
- Cannot publish to reserved topic using AWS IoT SDK
- AWS Node JS SDK - Amazon IOT - MalformedPolicyException: Policy document is Malformed