
How to create AWS SNS Topic in code (iOS Mobile Hub SDK)

I would like to create Amazon SNS topics dynamically in code. I am using the AWS Mobile Hub SDK for iOS.

When I try to create a topic

…
AWSSNSCreateTopicInput* input = [AWSSNSCreateTopicInput new];
NSString* name = @"topic_name";
[input setName:name];

[[[[AWSSNS defaultSNS] createTopic:input] continueWithSuccessBlock:^id _Nullable(AWSTask<AWSSNSCreateTopicResponse *> * _Nonnull task)
…

I get an error from AWS:

<Message>User: (role/credentials) is not authorized to perform: SNS:CreateTopic on resource: (topic)</Message>

(role/credentials) represents the IAM role and its Cognito credentials. (topic) is the ARN of the topic I have requested by giving a topic name.

AWS Mobile Hub created the following push policy for my Mobile Hub role:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "sns:CreatePlatformEndpoint",
                "sns:GetEndpointAttributes",
                "sns:SetEndpointAttributes"
            ],
            "Resource": [
                "(APN role arn)"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "sns:Subscribe",
                "sns:Publish",
                "sns:Unsubscribe"
            ],
            "Resource": [
                "(dynamodb role arn)",
                "(Mobile Hub Role arn)"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "sns:ListTopics"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}

I tried adding the line

"sns:CreateTopic",

to the middle set of permissions (just above "sns:Subscribe") but that did not solve the error. From the error message and reading AWS docs it seems I have to attach a policy to each topic I create in order to use it. Here are 2 snippets from the AWS docs that may be relevant:

The following example shows the permissions that are automatically created by AWS Config for a new topic. This policy statement allows AWS Config to publish to a specified Amazon SNS topic.

If you want to use an existing SNS topic from another account or you set up your delivery channel using the API, make sure to attach the following policy to the SNS topic.

{
  "Id": "Policy1415489375392",
  "Statement": [
    {
      "Sid": "AWSConfigSNSPolicy20150201",
      "Action": [
        "SNS:Publish"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:sns:region:account-id:myTopic",
      "Principal": {
        "Service": [
          "config.amazonaws.com"
        ]
      }
    }
  ]
}

and

 IAM Role Policy for Amazon SNS Topic

Use this example policy as a model for granting AWS Config permissions to access your SNS topic:

{
  "Version": "2012-10-17",
  "Statement": 
   [
     {
      "Effect":"Allow",
      "Action":"sns:Publish",
      "Resource":"yourSNStopicARN"
     }
    ]
}

This is all I've been able to find about creating topics using an SDK. Can anyone provide or point me to a complete example?

The AWS Forum for Amazon SNS (Simple Notification Service), the service backing mobile push, may be a better place to get help on this topic.
https://forums.aws.amazon.com/forum.jspa?forumID=72

The issue appears to be that the appropriate mobile app user IAM role does not have permission to create the topic. Mobile Hub does not give mobile app users permissions to create SNS topics by default. You should add the sns:CreateTopic permission to the statement that has sns:ListTopics, like this...

    {
        "Effect": "Allow",
        "Action": [
            "sns:ListTopics",
            "sns:CreateTopic"
        ],
        "Resource": [
            "*"
        ]
    }
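
An added example (not part of the original question, answer or AWS's code): a simplified Python model of how an IAM statement's Action and Resource are matched together, showing why sns:CreateTopic placed in the statement scoped to other ARNs does not apply to a new topic, while the statement with Resource "*" does. It goes beyond the answer by also testing a narrower Resource pattern. The account id, region, topic ARNs and the `app-` prefix are constructed, the helper names are hypothetical, and the evaluator ignores conditions, NotAction/NotResource and non-identity policies.

```python
import re

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _glob(pattern, value, ignore_case=False):
    # IAM wildcards: '*' is any run of characters, '?' is exactly one.
    regex = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern)
    return re.fullmatch(regex, value, re.I if ignore_case else 0) is not None

def is_allowed(policy, action, resource):
    """Simplified identity-policy check: explicit Deny wins, otherwise any matching Allow."""
    allowed = False
    for s in _as_list(policy["Statement"]):
        # A statement applies only if BOTH its Action and its Resource match the request.
        hit = (any(_glob(a, action, True) for a in _as_list(s["Action"]))  # action names are case-insensitive
               and any(_glob(r, resource) for r in _as_list(s["Resource"])))
        if hit and s["Effect"] == "Deny":
            return False
        allowed = allowed or (hit and s["Effect"] == "Allow")
    return allowed

def stmt(actions, resources):
    return {"Effect": "Allow", "Action": actions, "Resource": resources}

def make_policy(*statements):
    return {"Version": "2012-10-17", "Statement": list(statements)}

# Constructed values: account id, region, ARNs and the "app-" prefix are not from the page.
PREFIX = "arn:aws:sns:us-east-1:123456789012:"
EXISTING = PREFIX + "existing_topic"   # stands in for the page's "(... arn)" placeholders
NEW_TOPIC = PREFIX + "topic_name"      # ARN of the topic name requested in the question
APP_TOPIC = PREFIX + "app-news"
PUBSUB = ["sns:Subscribe", "sns:Publish", "sns:Unsubscribe"]

# The question's attempt: CreateTopic added to the statement scoped to other ARNs.
ASKER_ATTEMPT = make_policy(stmt(["sns:CreateTopic"] + PUBSUB, [EXISTING]), stmt(["sns:ListTopics"], ["*"]))
# The answer's fix: CreateTopic added to the statement with Resource "*".
ANSWER_FIX = make_policy(stmt(PUBSUB, [EXISTING]), stmt(["sns:ListTopics", "sns:CreateTopic"], ["*"]))
# Narrower variant (assumption, not in the answer): only topics named app-* may be created.
SCOPED = make_policy(stmt(PUBSUB, [EXISTING]), stmt(["sns:ListTopics"], ["*"]),
                     stmt(["sns:CreateTopic"], [PREFIX + "app-*"]))

if __name__ == "__main__":
    for name, p in [("asker", ASKER_ATTEMPT), ("answer", ANSWER_FIX), ("scoped", SCOPED)]:
        print(name, {t.rsplit(":", 1)[1]: is_allowed(p, "SNS:CreateTopic", t) for t in (NEW_TOPIC, APP_TOPIC)})
```

The scoped variant lets the app role create only topics under one naming prefix, which limits what a leaked or misused Cognito credential can create compared with Resource "*".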
