search
githubEdit

Tagging your AWS IoT resources

circle-info

This page was generated from content adapted from the AWS Developer Guidearrow-up-right

hashtag
Using tags with IAM policies

  • Note The condition context keys and values in an IAM policy apply only to those AWS IoT actions where an identifier for a resource capable of being tagged is a required parameter. For example, the use of DescribeEndpointarrow-up-right is not allowed or denied on the basis of condition context keys and values because no taggable resource (thing groups, thing types, topic rules, jobs, or security profile) is referenced in this request. For more information about AWS IoT resources that are taggable and condition keys they support, read Actions, resources, and condition keys for AWS IoTarrow-up-right.

  • Note If you allow or deny users access to resources based on tags, you must consider explicitly denying users the ability to add those tags to or remove them from the same resources. Otherwise, it's possible for a user to circumvent your restrictions and gain access to a resource by modifying its tags.

hashtag
Billing groups

  • Note To accurately associate usage and cost data with those things you have placed in billing groups, each device or application must: Be registered as a thing in AWS IoT. For more information, see Managing devices with AWS IoTarrow-up-right. Connect to the AWS IoT message broker through MQTT using only the thing's name as the client ID. For more information, see Device communication protocolsarrow-up-right. Authenticate using a client certificate associated with the thing.

PreviousManaging devices with AWS IoTNextRules

Last updated