本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
# AWS 物联网的操作、资源和条件键
AWS IoT(服务前缀:`iot`)提供以下特定于服务的资源、操作和条件上下文密钥以在 IAM 权限策略中使用。
参考:
+ 了解如何[配置该服务](https://docs.aws.amazon.com/iot/latest/developerguide/what-is-aws-iot.html)。
+ 查看[适用于该服务的 API 操作列表](https://docs.aws.amazon.com/iot/latest/apireference/)。
+ 了解如何[使用 IAM](https://docs.aws.amazon.com/iot/latest/developerguide/authorization.html) 权限策略保护该服务及其资源。
**Topics**
+ [AWS 物联网定义的操作](#awsiot-actions-as-permissions)
+ [AWS 物联网定义的资源类型](#awsiot-resources-for-iam-policies)
+ [AWS 物联网的条件密钥](#awsiot-policy-keys)
## AWS 物联网定义的操作
您可以在 IAM 策略语句的 `Action` 元素中指定以下操作。可以使用策略授予在 AWS中执行操作的权限。您在策略中使用一项操作时,通常使用相同的名称允许或拒绝对 API 操作或 CLI 命令的访问。但在某些情况下,单一动作可控制对多项操作的访问。还有某些操作需要多种不同的动作。
操作表的**访问级别**列描述如何对操作进行分类(列出、读取、权限管理或标记)。此分类可以帮助您了解当您在策略中使用操作时,相应操作授予的访问级别。有关访问级别的更多信息,请参阅[策略摘要中的访问级别](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_understand-policy-summary-access-level-summaries.html)。
操作表的**资源类型**列指示每项操作是否支持资源级权限。如果该列没有任何值,您必须在策略语句的 `Resource` 元素中指定策略应用的所有资源(“\*”)。通过在 IAM policy 中使用条件来筛选访问权限,以控制是否可以在资源或请求中使用特定标签键。如果操作具有一个或多个必需资源,则调用方必须具有使用这些资源来使用该操作的权限。必需资源在表中以星号 (\*) 表示。如果您在 IAM policy 中使用 `Resource` 元素限制资源访问权限,则必须为每种必需的资源类型添加 ARN 或模式。某些操作支持多种资源类型。如果资源类型是可选的(未指示为必需),则可以选择使用一种可选资源类型。
操作表的**条件键**列包括可以在策略语句的 `Condition` 元素中指定的键。有关与服务资源关联的条件键的更多信息,请参阅资源类型表的**条件键**列。
操作表的**依赖操作**列显示成功调用操作可能需要的其他权限。除了操作本身的权限以外,可能还需要这些权限。若某个操作指定依赖操作,则这些依赖关系可能适用于为该操作定义的其他资源,而不仅仅是表中列出的第一个资源。
**注意**
资源条件键在[资源类型](#awsiot-resources-for-iam-policies)表中列出。您可以在操作表的**资源类型(\* 为必需)**列中找到应用于某项操作的资源类型的链接。资源类型表中的资源类型包括**条件密钥**列,这是应用于操作表中操作的资源条件键。
有关下表中各列的详细信息,请参阅[操作表](reference_policies_actions-resources-contextkeys.html#actions_table)。
****
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_AcceptCertificateTransfer.html](https://docs.aws.amazon.com/iot/latest/apireference/API_AcceptCertificateTransfer.html) **
- **描述:** 授予接受待处理证书传输的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-cert](#awsiot-cert)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_AddThingToBillingGroup.html](https://docs.aws.amazon.com/iot/latest/apireference/API_AddThingToBillingGroup.html) **
- **描述:** 授予向指定账单组添加事物的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-billinggroup](#awsiot-billinggroup) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_AddThingToThingGroup.html](https://docs.aws.amazon.com/iot/latest/apireference/API_AddThingToThingGroup.html) **
- **描述:** 授予向指定事物组添加事物的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thinggroup](#awsiot-thinggroup) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_AssociateSbomWithPackageVersion.html](https://docs.aws.amazon.com/iot/latest/apireference/API_AssociateSbomWithPackageVersion.html) **
- **描述:** 授予权限以将 SBOM 文件与软件包版本关联
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-packageversion](#awsiot-packageversion)
- **条件键:**
- **相关操作:** iot:GetIndexingConfiguration
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_AssociateTargetsWithJob.html](https://docs.aws.amazon.com/iot/latest/apireference/API_AssociateTargetsWithJob.html) **
- **描述:** 授予将组与连续作业关联的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-job](#awsiot-job) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thinggroup](#awsiot-thinggroup) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_AttachPolicy.html](https://docs.aws.amazon.com/iot/latest/apireference/API_AttachPolicy.html) **
- **描述:** 授予将策略附加到指定目标的权限
- **访问级别:** 权限管理
- **资源类型(\* 为必需):** [#awsiot-cert](#awsiot-cert) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thinggroup](#awsiot-thinggroup) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_AttachPrincipalPolicy.html](https://docs.aws.amazon.com/iot/latest/apireference/API_AttachPrincipalPolicy.html) **
- **描述:** 授予将指定的策略附加到指定的委托人(证书或其他凭证)的权限
- **访问级别:** 权限管理
- **资源类型(\* 为必需):** [#awsiot-cert](#awsiot-cert)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_AttachSecurityProfile.html](https://docs.aws.amazon.com/iot/latest/apireference/API_AttachSecurityProfile.html) **
- **描述:** 授予将 Device Defender 安全配置文件与事物组或此账户关联的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-securityprofile](#awsiot-securityprofile) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-custommetric](#awsiot-custommetric) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-dimension](#awsiot-dimension) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thinggroup](#awsiot-thinggroup) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_AttachThingPrincipal.html](https://docs.aws.amazon.com/iot/latest/apireference/API_AttachThingPrincipal.html) **
- **描述:** 授予将指定委托人附加到指定事物的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-cert](#awsiot-cert) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-iot_thingArn](#awsiot-iot_thingArn) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CancelAuditMitigationActionsTask.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CancelAuditMitigationActionsTask.html) **
- **描述:** 授予取消正在进行的缓解操作任务的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CancelAuditTask.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CancelAuditTask.html) **
- **描述:** 授予权限以取消正在进行的审计。审核可能是计划审核,也可能是按需审核
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CancelCertificateTransfer.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CancelCertificateTransfer.html) **
- **描述:** 授予取消指定证书的待处理传输的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-cert](#awsiot-cert)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CancelDetectMitigationActionsTask.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CancelDetectMitigationActionsTask.html) **
- **描述:** 授予取消 Device Defender ML Detect 缓解操作的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CancelJob.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CancelJob.html) **
- **描述:** 授予取消作业的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-job](#awsiot-job)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CancelJobExecution.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CancelJobExecution.html) **
- **描述:** 授予在特定设备上取消作业执行的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-job](#awsiot-job) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ClearDefaultAuthorizer.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ClearDefaultAuthorizer.html) **
- **描述:** 授予清除默认授权者的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_iot-secure-tunneling_CloseTunnel.html](https://docs.aws.amazon.com/iot/latest/apireference/API_iot-secure-tunneling_CloseTunnel.html) **
- **描述:** 授予关闭隧道的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-tunnel](#awsiot-tunnel) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-iot_Delete](#awsiot-iot_Delete) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ConfirmTopicRuleDestination.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ConfirmTopicRuleDestination.html) **
- **描述:** 授予确认 http 网址的权限 TopicRuleDestinationDestination
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-destination](#awsiot-destination)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html](https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html) **
- **描述:** 授予作为指定客户端进行连接的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-client](#awsiot-client)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateAuditSuppression.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateAuditSuppression.html) **
- **描述:** 授予创建 Device Defender 审核抑制的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateAuthorizer.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateAuthorizer.html) **
- **描述:** 授予创建授权方的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-authorizer](#awsiot-authorizer) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateBillingGroup.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateBillingGroup.html) **
- **描述:** 授予创建账单组的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-billinggroup](#awsiot-billinggroup) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateCertificateFromCsr.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateCertificateFromCsr.html) **
- **描述:** 授予使用指定 X.509 证书签名请求创建证书的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateCertificateProvider.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateCertificateProvider.html) **
- **描述:** 授予权限以创建证书提供程序
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-certificateprovider](#awsiot-certificateprovider) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateCommand.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateCommand.html) **
- **描述:** 授予权限以创建可用于针对设备启动新执行的命令
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-command](#awsiot-command) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateCustomMetric.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateCustomMetric.html) **
- **描述:** 授予创建用于设备端指标报告和监控的自定义指标的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-custommetric](#awsiot-custommetric) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateDimension.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateDimension.html) **
- **描述:** 授予权限以定义一个维度,该维度可用于限制安全配置文件中使用的指标的范围
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-dimension](#awsiot-dimension) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateDomainConfiguration.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateDomainConfiguration.html) **
- **描述:** 授予创建域配置的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-domainconfiguration](#awsiot-domainconfiguration) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys)
[#awsiot-iot_DomainName](#awsiot-iot_DomainName) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateDynamicThingGroup.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateDynamicThingGroup.html) **
- **描述:** 授予创建动态事物组的权限
- **访问级别:** Write
- **资源类型(\* 为必需):** [#awsiot-dynamicthinggroup](#awsiot-dynamicthinggroup) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateFleetMetric.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateFleetMetric.html) **
- **描述:** 授予创建队列指标的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-fleetmetric](#awsiot-fleetmetric) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-index](#awsiot-index) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateJob.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateJob.html) **
- **描述:** 授予权限以创建作业
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-job](#awsiot-job) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thinggroup](#awsiot-thinggroup) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-jobtemplate](#awsiot-jobtemplate) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-package](#awsiot-package) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-packageversion](#awsiot-packageversion) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateJobTemplate.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateJobTemplate.html) **
- **描述:** 授予创建作业模板的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-jobtemplate](#awsiot-jobtemplate) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-job](#awsiot-job) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-package](#awsiot-package) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-packageversion](#awsiot-packageversion) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateKeysAndCertificate.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateKeysAndCertificate.html) **
- **描述:** 授予创建 2048 位 RSA 密钥对的权限,并使用已颁发的公钥颁发 X.509 证书
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateMitigationAction.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateMitigationAction.html) **
- **描述:** 授予权限以定义可应用于审计结果的操作 StartAuditMitigationActionsTask
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-mitigationaction](#awsiot-mitigationaction) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateOTAUpdate.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateOTAUpdate.html) **
- **描述:** 授予创建 OTA 更新作业的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-otaupdate](#awsiot-otaupdate) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreatePackage.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreatePackage.html) **
- **描述:** 授予权限以创建可部署到设备上的软件程序包
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-package](#awsiot-package) / **条件键:** / **相关操作:** iot:GetIndexingConfiguration
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreatePackageVersion.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreatePackageVersion.html) **
- **描述:** 授予权限以在指定的程序包下创建版本
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-package](#awsiot-package) / **条件键:** / **相关操作:** iot:GetIndexingConfiguration
s3:GetObjectVersion
- **资源类型(\* 为必需):** [#awsiot-packageversion](#awsiot-packageversion) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreatePolicy.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreatePolicy.html) **
- **描述:** 授予创建 AWS IoT 策略的权限
- **访问级别:** 权限管理
- **资源类型(\* 为必需):** [#awsiot-policy](#awsiot-policy) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreatePolicyVersion.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreatePolicyVersion.html) **
- **描述:** 授予创建指定 AWS IoT 策略新版本的权限
- **访问级别:** 权限管理
- **资源类型(\* 为必需):** [#awsiot-policy](#awsiot-policy)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateProvisioningClaim.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateProvisioningClaim.html) **
- **描述:** 授予创建预置要求的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-provisioningtemplate](#awsiot-provisioningtemplate)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateProvisioningTemplate.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateProvisioningTemplate.html) **
- **描述:** 授予创建队列预置模板的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-provisioningtemplate](#awsiot-provisioningtemplate) / **条件键:** / **相关操作:** iam:PassRole
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateProvisioningTemplateVersion.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateProvisioningTemplateVersion.html) **
- **描述:** 授予创建队列预置模板新版本的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-provisioningtemplate](#awsiot-provisioningtemplate)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateRoleAlias.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateRoleAlias.html) **
- **描述:** 授予创建角色别名的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-rolealias](#awsiot-rolealias) / **条件键:** / **相关操作:** iam:PassRole
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateScheduledAudit.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateScheduledAudit.html) **
- **描述:** 授予权限以创建计划审核,使之按指定的时间间隔运行
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-scheduledaudit](#awsiot-scheduledaudit) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateSecurityProfile.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateSecurityProfile.html) **
- **描述:** 授予创建 Device Defender 安全配置文件的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-securityprofile](#awsiot-securityprofile) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-custommetric](#awsiot-custommetric) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-dimension](#awsiot-dimension) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateStream.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateStream.html) **
- **描述:** 授予创建新 AWS IoT 流的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-stream](#awsiot-stream) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateThing.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateThing.html) **
- **描述:** 授予在事物注册表中创建事物的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-billinggroup](#awsiot-billinggroup) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateThingGroup.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateThingGroup.html) **
- **描述:** 授予权限以创建事物组
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-thinggroup](#awsiot-thinggroup) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateThingType.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateThingType.html) **
- **描述:** 授予权限以创建新的事物类型
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-thingtype](#awsiot-thingtype) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateTopicRule.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateTopicRule.html) **
- **描述:** 授予权限以创建规则
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-rule](#awsiot-rule) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_CreateTopicRuleDestination.html](https://docs.aws.amazon.com/iot/latest/apireference/API_CreateTopicRuleDestination.html) **
- **描述:** 授予创建 TopicRuleDestination
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteAccountAuditConfiguration.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteAccountAuditConfiguration.html) **
- **描述:** 授予删除与账户关联的审核配置的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteAuditSuppression.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteAuditSuppression.html) **
- **描述:** 授予删除 Device Defender 审核抑制的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteAuthorizer.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteAuthorizer.html) **
- **描述:** 授予删除指定授权方的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-authorizer](#awsiot-authorizer)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteBillingGroup.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteBillingGroup.html) **
- **描述:** 授予权限以删除指定的账单组
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-billinggroup](#awsiot-billinggroup)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteCACertificate.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteCACertificate.html) **
- **描述:** 授予删除已注册 CA 证书的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-cacert](#awsiot-cacert)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteCertificate.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteCertificate.html) **
- **描述:** 授予删除指定证书的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-cert](#awsiot-cert)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteCertificateProvider.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteCertificateProvider.html) **
- **描述:** 授予权限以删除证书提供程序
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-certificateprovider](#awsiot-certificateprovider)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteCommand.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteCommand.html) **
- **描述:** 授予权限以删除命令
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-command](#awsiot-command)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteCommandExecution.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteCommandExecution.html) **
- **描述:** 授予权限以删除命令执行
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-client](#awsiot-client) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html](https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html) **
- **描述:** 授予权限以断开指定的连接
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-client](#awsiot-client)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteCustomMetric.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteCustomMetric.html) **
- **描述:** 授予从您的中删除指定自定义指标的权限 AWS 账户
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-custommetric](#awsiot-custommetric)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteDimension.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteDimension.html) **
- **描述:** 授予从您的维度中移除指定维度的权限 AWS 账户
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-dimension](#awsiot-dimension)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteDomainConfiguration.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteDomainConfiguration.html) **
- **描述:** 授予权限以删除域配置
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-domainconfiguration](#awsiot-domainconfiguration)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteDynamicThingGroup.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteDynamicThingGroup.html) **
- **描述:** 授予删除指定动态事物组的权限
- **访问级别:** Write
- **资源类型(\* 为必需):** [#awsiot-dynamicthinggroup](#awsiot-dynamicthinggroup)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteFleetMetric.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteFleetMetric.html) **
- **描述:** 授予删除指定队列指标的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-fleetmetric](#awsiot-fleetmetric)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteJob.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteJob.html) **
- **描述:** 授予删除作业及其相关作业执行的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-job](#awsiot-job)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteJobExecution.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteJobExecution.html) **
- **描述:** 授予删除作业执行的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-job](#awsiot-job) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteJobTemplate.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteJobTemplate.html) **
- **描述:** 授予删除作业模板的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-jobtemplate](#awsiot-jobtemplate)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteMitigationAction.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteMitigationAction.html) **
- **描述:** 授予从您的中删除已定义的缓解操作的权限 AWS 账户
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-mitigationaction](#awsiot-mitigationaction)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteOTAUpdate.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteOTAUpdate.html) **
- **描述:** 授予删除 OTA 更新作业的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-otaupdate](#awsiot-otaupdate)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeletePackage.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeletePackage.html) **
- **描述:** 授予删除软件包的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-package](#awsiot-package)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeletePackageVersion.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeletePackageVersion.html) **
- **描述:** 授予权限以删除指定程序包的版本
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-package](#awsiot-package) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-packageversion](#awsiot-packageversion) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeletePolicy.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeletePolicy.html) **
- **描述:** 授予删除指定策略的权限
- **访问级别:** 权限管理
- **资源类型(\* 为必需):** [#awsiot-policy](#awsiot-policy)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeletePolicyVersion.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeletePolicyVersion.html) **
- **描述:** 授予删除指定策略的指定版本的权限
- **访问级别:** 权限管理
- **资源类型(\* 为必需):** [#awsiot-policy](#awsiot-policy)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteProvisioningTemplate.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteProvisioningTemplate.html) **
- **描述:** 授予删除队列预置模板的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-provisioningtemplate](#awsiot-provisioningtemplate)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteProvisioningTemplateVersion.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteProvisioningTemplateVersion.html) **
- **描述:** 授予删除队列预置模板版本的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-provisioningtemplate](#awsiot-provisioningtemplate)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteRegistrationCode.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteRegistrationCode.html) **
- **描述:** 授予删除 CA 证书注册代码的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteRoleAlias.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteRoleAlias.html) **
- **描述:** 授予删除指定的角色别名的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-rolealias](#awsiot-rolealias)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteScheduledAudit.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteScheduledAudit.html) **
- **描述:** 授予删除计划审核的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-scheduledaudit](#awsiot-scheduledaudit)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteSecurityProfile.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteSecurityProfile.html) **
- **描述:** 授予删除 Device Defender 安全配置文件的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-securityprofile](#awsiot-securityprofile) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-custommetric](#awsiot-custommetric) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-dimension](#awsiot-dimension) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteStream.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteStream.html) **
- **描述:** 授予删除指定流的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-stream](#awsiot-stream)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteThing.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteThing.html) **
- **描述:** 授予删除指定事物的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteThingGroup.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteThingGroup.html) **
- **描述:** 授予删除指定事物组的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-thinggroup](#awsiot-thinggroup)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html](https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html) **
- **描述:** 授予删除指定事物影子的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteThingType.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteThingType.html) **
- **描述:** 授予删除指定事物类型的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-thingtype](#awsiot-thingtype)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteTopicRule.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteTopicRule.html) **
- **描述:** 授予删除指定规则的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-rule](#awsiot-rule)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteTopicRuleDestination.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteTopicRuleDestination.html) **
- **描述:** 授予删除权限 TopicRuleDestination
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-destination](#awsiot-destination)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteV2LoggingLevel.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeleteV2LoggingLevel.html) **
- **描述:** 授予删除指定的 v2 日志记录级别的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DeprecateThingType.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DeprecateThingType.html) **
- **描述:** 授予弃用指定事物类型的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-thingtype](#awsiot-thingtype)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAccountAuditConfiguration.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAccountAuditConfiguration.html) **
- **描述:** 授予获取有关账户审核配置信息的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAuditFinding.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAuditFinding.html) **
- **描述:** 授予权限以获取有关单个审计发现的信息。属性包括不合规的原因、问题的严重性以及返回该结果的审核的开始时间
- **访问级别:** 读取
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAuditMitigationActionsTask.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAuditMitigationActionsTask.html) **
- **描述:** 授予权限以获取有关审核缓解任务的信息,该任务用于向一组审核结果应用缓解操作
- **访问级别:** 读取
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAuditSuppression.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAuditSuppression.html) **
- **描述:** 授予获取有关 Device Defender 审核抑制的信息的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAuditTask.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAuditTask.html) **
- **描述:** 授予获取有关 Device Defender 审核的信息的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAuthorizer.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeAuthorizer.html) **
- **描述:** 授予描述授权者的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-authorizer](#awsiot-authorizer)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeBillingGroup.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeBillingGroup.html) **
- **描述:** 授予获取有关指定账单组的信息的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-billinggroup](#awsiot-billinggroup)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeCACertificate.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeCACertificate.html) **
- **描述:** 授予描述已注册 CA 证书的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-cacert](#awsiot-cacert)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeCertificate.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeCertificate.html) **
- **描述:** 授予获取有关指定证书信息的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-cert](#awsiot-cert)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeCertificateProvider.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeCertificateProvider.html) **
- **描述:** 授予权限以描述证书提供程序
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-certificateprovider](#awsiot-certificateprovider)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeCustomMetric.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeCustomMetric.html) **
- **描述:** 授予描述在您中定义的自定义指标的权限 AWS 账户
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-custommetric](#awsiot-custommetric)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeDefaultAuthorizer.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeDefaultAuthorizer.html) **
- **描述:** 授予描述默认授权方的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeDetectMitigationActionsTask.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeDetectMitigationActionsTask.html) **
- **描述:** 授予描述 Device Defender ML Detect 缓解操作的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeDimension.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeDimension.html) **
- **描述:** 授予权限以获取有关您在中定义的维度的详细信息 AWS 账户
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-dimension](#awsiot-dimension)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeDomainConfiguration.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeDomainConfiguration.html) **
- **描述:** 授予获取有关域配置信息的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-domainconfiguration](#awsiot-domainconfiguration)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeEncryptionConfiguration.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeEncryptionConfiguration.html) **
- **描述:** 授予权限以描述账户的加密配置
- **访问级别:** 读取
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeEndpoint.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeEndpoint.html) **
- **描述:** 授予获取特定于 AWS 账户 进行呼叫的唯一端点的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeEventConfigurations.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeEventConfigurations.html) **
- **描述:** 授予获取账户事件配置的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeFleetMetric.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeFleetMetric.html) **
- **描述:** 授予获取有关指定队列指标信息的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-fleetmetric](#awsiot-fleetmetric)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeIndex.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeIndex.html) **
- **描述:** 授予获取有关指定索引信息的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-index](#awsiot-index)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeJob.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeJob.html) **
- **描述:** 授予描述作业的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-job](#awsiot-job)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeJobExecution.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeJobExecution.html) **
- **描述:** 授予描述作业执行的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-job](#awsiot-job) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeJobTemplate.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeJobTemplate.html) **
- **描述:** 授予描述作业模板的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-jobtemplate](#awsiot-jobtemplate)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeManagedJobTemplate.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeManagedJobTemplate.html) **
- **描述:** 授予描述托管任务模板的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-jobtemplate](#awsiot-jobtemplate)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeMitigationAction.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeMitigationAction.html) **
- **描述:** 授予获取有关缓解操作的信息的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-mitigationaction](#awsiot-mitigationaction)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeProvisioningTemplate.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeProvisioningTemplate.html) **
- **描述:** 授予获取有关队列预置模板信息的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-provisioningtemplate](#awsiot-provisioningtemplate)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeProvisioningTemplateVersion.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeProvisioningTemplateVersion.html) **
- **描述:** 授予获取有关队列预置模板版本信息的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-provisioningtemplate](#awsiot-provisioningtemplate)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeRoleAlias.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeRoleAlias.html) **
- **描述:** 授予描述角色别名的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-rolealias](#awsiot-rolealias)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeScheduledAudit.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeScheduledAudit.html) **
- **描述:** 授予获取有关计划审核信息的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-scheduledaudit](#awsiot-scheduledaudit)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeSecurityProfile.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeSecurityProfile.html) **
- **描述:** 授予获取有关 Device Defender 安全配置文件信息的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-securityprofile](#awsiot-securityprofile)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeStream.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeStream.html) **
- **描述:** 授予获取有关指定流信息的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-stream](#awsiot-stream)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeThing.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeThing.html) **
- **描述:** 授予获取有关指定事物信息的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeThingGroup.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeThingGroup.html) **
- **描述:** 授予权限以获取有关指定事物组的信息
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-thinggroup](#awsiot-thinggroup)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeThingRegistrationTask.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeThingRegistrationTask.html) **
- **描述:** 授予获取有关批量事物注册任务信息的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeThingType.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DescribeThingType.html) **
- **描述:** 授予获取有关指定事物类型信息的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-thingtype](#awsiot-thingtype)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_iot-secure-tunneling_DescribeTunnel.html](https://docs.aws.amazon.com/iot/latest/apireference/API_iot-secure-tunneling_DescribeTunnel.html) **
- **描述:** 授予描述隧道的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-tunnel](#awsiot-tunnel)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DetachPolicy.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DetachPolicy.html) **
- **描述:** 授予权限以将策略从指定的目标中分离
- **访问级别:** 权限管理
- **资源类型(\* 为必需):** [#awsiot-cert](#awsiot-cert) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thinggroup](#awsiot-thinggroup) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DetachPrincipalPolicy.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DetachPrincipalPolicy.html) **
- **描述:** 授予从指定证书中删除指定策略的权限
- **访问级别:** 权限管理
- **资源类型(\* 为必需):** [#awsiot-cert](#awsiot-cert)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DetachSecurityProfile.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DetachSecurityProfile.html) **
- **描述:** 授予取消 Device Defender 安全配置文件与事物组或此账户的关联的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-securityprofile](#awsiot-securityprofile) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-custommetric](#awsiot-custommetric) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-dimension](#awsiot-dimension) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thinggroup](#awsiot-thinggroup) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DetachThingPrincipal.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DetachThingPrincipal.html) **
- **描述:** 授予将指定委托人与指定事物分离的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-cert](#awsiot-cert) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-iot_thingArn](#awsiot-iot_thingArn) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DisableTopicRule.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DisableTopicRule.html) **
- **描述:** 授予禁用指定规则的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-rule](#awsiot-rule)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_DisassociateSbomFromPackageVersion.html](https://docs.aws.amazon.com/iot/latest/apireference/API_DisassociateSbomFromPackageVersion.html) **
- **描述:** 授予权限以取消 SBOM 文件与软件包版本的关联
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-packageversion](#awsiot-packageversion)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_EnableTopicRule.html](https://docs.aws.amazon.com/iot/latest/apireference/API_EnableTopicRule.html) **
- **描述:** 授予启用指定规则的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-rule](#awsiot-rule)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_GetBehaviorModelTrainingSummaries.html](https://docs.aws.amazon.com/iot/latest/apireference/API_GetBehaviorModelTrainingSummaries.html) **
- **描述:** 授予获取 Device Defender ML Detect 安全配置文件训练模型状态的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):** [#awsiot-securityprofile](#awsiot-securityprofile)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_GetBucketsAggregation.html](https://docs.aws.amazon.com/iot/latest/apireference/API_GetBucketsAggregation.html) **
- **描述:** 授予获取 IoT 队列索引的存储桶聚合的权限
- **访问级别:** Read
- **资源类型(\* 为必需):** [#awsiot-index](#awsiot-index)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_GetCardinality.html](https://docs.aws.amazon.com/iot/latest/apireference/API_GetCardinality.html) **
- **描述:** 授予获取 IoT 队列索引基数的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-index](#awsiot-index)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_GetCommand.html](https://docs.aws.amazon.com/iot/latest/apireference/API_GetCommand.html) **
- **描述:** 授予权限以获取有关命令的信息
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-command](#awsiot-command)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_GetCommandExecution.html](https://docs.aws.amazon.com/iot/latest/apireference/API_GetCommandExecution.html) **
- **描述:** 授予权限以获取有关命令执行的信息
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-client](#awsiot-client) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_GetEffectivePolicies.html](https://docs.aws.amazon.com/iot/latest/apireference/API_GetEffectivePolicies.html) **
- **描述:** 授予获取有效策略的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-cert](#awsiot-cert)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_GetIndexingConfiguration.html](https://docs.aws.amazon.com/iot/latest/apireference/API_GetIndexingConfiguration.html) **
- **描述:** 授予获取当前队列索引配置的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_GetJobDocument.html](https://docs.aws.amazon.com/iot/latest/apireference/API_GetJobDocument.html) **
- **描述:** 授予获取作业文档的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-job](#awsiot-job)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_GetLoggingOptions.html](https://docs.aws.amazon.com/iot/latest/apireference/API_GetLoggingOptions.html) **
- **描述:** 授予获取日志记录选项的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_GetOTAUpdate.html](https://docs.aws.amazon.com/iot/latest/apireference/API_GetOTAUpdate.html) **
- **描述:** 授予获取 OTA 更新作业信息的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-otaupdate](#awsiot-otaupdate)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_GetPackage.html](https://docs.aws.amazon.com/iot/latest/apireference/API_GetPackage.html) **
- **描述:** 授予权限以获取有关程序包的信息
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-package](#awsiot-package)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_GetPackageConfiguration.html](https://docs.aws.amazon.com/iot/latest/apireference/API_GetPackageConfiguration.html) **
- **描述:** 授予权限以获取账户的程序包配置
- **访问级别:** 读取
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_GetPackageVersion.html](https://docs.aws.amazon.com/iot/latest/apireference/API_GetPackageVersion.html) **
- **描述:** 授予权限以获取程序包的版本
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-package](#awsiot-package) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-packageversion](#awsiot-packageversion) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_GetPercentiles.html](https://docs.aws.amazon.com/iot/latest/apireference/API_GetPercentiles.html) **
- **描述:** 授予获取 IoT 队列索引百分位数的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-index](#awsiot-index)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_GetPolicy.html](https://docs.aws.amazon.com/iot/latest/apireference/API_GetPolicy.html) **
- **描述:** 授予权限以获取具有默认版本策略文档的指定策略的相关信息
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-policy](#awsiot-policy)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_GetPolicyVersion.html](https://docs.aws.amazon.com/iot/latest/apireference/API_GetPolicyVersion.html) **
- **描述:** 授予获取有关指定策略版本的信息的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-policy](#awsiot-policy)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_GetRegistrationCode.html](https://docs.aws.amazon.com/iot/latest/apireference/API_GetRegistrationCode.html) **
- **描述:** 授予获取用于向 AWS IoT 注册 CA 证书的注册码的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html](https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html) **
- **描述:** 授予权限以获取指定主题上的保留邮件
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-topic](#awsiot-topic)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_GetStatistics.html](https://docs.aws.amazon.com/iot/latest/apireference/API_GetStatistics.html) **
- **描述:** 授予获取 IoT 队列索引统计数据的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-index](#awsiot-index)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_GetThingConnectivityData.html](https://docs.aws.amazon.com/iot/latest/apireference/API_GetThingConnectivityData.html) **
- **描述:** 授予权限以获取事物连接数据
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html](https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html) **
- **描述:** 授予获取事物影子的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_GetTopicRule.html](https://docs.aws.amazon.com/iot/latest/apireference/API_GetTopicRule.html) **
- **描述:** 授予获取有关指定规则的信息的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-rule](#awsiot-rule)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_GetTopicRuleDestination.html](https://docs.aws.amazon.com/iot/latest/apireference/API_GetTopicRuleDestination.html) **
- **描述:** 授予获取 TopicRuleDestination
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-destination](#awsiot-destination)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_GetV2LoggingOptions.html](https://docs.aws.amazon.com/iot/latest/apireference/API_GetV2LoggingOptions.html) **
- **描述:** 授予获取 v2 日志记录选项的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListActiveViolations.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListActiveViolations.html) **
- **描述:** 授予权限以列出给定 Device Defender 安全配置文件或事物的活动违规
- **访问级别:** 列表
- **资源类型(\* 为必需):** [#awsiot-securityprofile](#awsiot-securityprofile) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListAttachedPolicies.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListAttachedPolicies.html) **
- **描述:** 授予列出附加到指定事物组的策略的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListAuditFindings.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListAuditFindings.html) **
- **描述:** 授予权限以列出 Device Defender 审核的结果或在指定时间段内审核执行的结果
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListAuditMitigationActionsExecutions.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListAuditMitigationActionsExecutions.html) **
- **描述:** 授予获取已执行审核缓解操作任务状态的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListAuditMitigationActionsTasks.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListAuditMitigationActionsTasks.html) **
- **描述:** 授予获取与指定的筛选条件匹配的审核缓解操作任务的列表
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListAuditSuppressions.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListAuditSuppressions.html) **
- **描述:** 授予列出 Device Defender 审核抑制的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListAuditTasks.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListAuditTasks.html) **
- **描述:** 授予列出已在指定时间段内执行的 Device Defender 审核的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListAuthorizers.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListAuthorizers.html) **
- **描述:** 授予列出在您的账户中注册的授权方的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListBillingGroups.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListBillingGroups.html) **
- **描述:** 授予列出所有账单组的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListCACertificates.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListCACertificates.html) **
- **描述:** 授予列出为你注册的 CA 证书的权限 AWS 账户
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListCertificateProviders.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListCertificateProviders.html) **
- **描述:** 授予权限以在账户中列出证书提供程序
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListCertificates.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListCertificates.html) **
- **描述:** 授予列出证书的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListCertificatesByCA.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListCertificatesByCA.html) **
- **描述:** 授予列出由指定 CA 证书签名的设备证书的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListCommandExecutions.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListCommandExecutions.html) **
- **描述:** 授予权限以列出账户中的命令执行
- **访问级别:** 列表
- **资源类型(\* 为必需):** [#awsiot-client](#awsiot-client) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-command](#awsiot-command) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListCommands.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListCommands.html) **
- **描述:** 授予权限以列出账户中的命令
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListCustomMetrics.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListCustomMetrics.html) **
- **描述:** 授予在您的中列出自定义指标的权限 AWS 账户
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListDetectMitigationActionsExecutions.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListDetectMitigationActionsExecutions.html) **
- **描述:** 授予列出 Device Defender ML Detect 安全配置文件的缓解操作执行的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListDetectMitigationActionsTasks.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListDetectMitigationActionsTasks.html) **
- **描述:** 授予列出 Device Defender ML Detect 缓解操作任务的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListDimensions.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListDimensions.html) **
- **描述:** 授予列出为你定义的维度的权限 AWS 账户
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListDomainConfigurations.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListDomainConfigurations.html) **
- **描述:** 授予列出由您创建的域配置的权限 AWS 账户
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListFleetMetrics.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListFleetMetrics.html) **
- **描述:** 授予在您的账户中列出队列指标的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListIndices.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListIndices.html) **
- **描述:** 授予列出队列索引的所有索引的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListJobExecutionsForJob.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListJobExecutionsForJob.html) **
- **描述:** 授予列出作业的作业执行的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):** [#awsiot-job](#awsiot-job)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListJobExecutionsForThing.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListJobExecutionsForThing.html) **
- **描述:** 授予列出指定事物的作业执行的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListJobTemplates.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListJobTemplates.html) **
- **描述:** 授予列出作业模板的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListJobs.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListJobs.html) **
- **描述:** 授予列出作业的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListManagedJobTemplates.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListManagedJobTemplates.html) **
- **描述:** 授予列出托管任务模板的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListMetricValues.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListMetricValues.html) **
- **描述:** 授予权限以根据 metricName 和维度(如果已指定)列出事物的指标值
- **访问级别:** 列表
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListMitigationActions.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListMitigationActions.html) **
- **描述:** 授予权限以获取与指定筛选条件匹配的所有缓解操作的列表
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListNamedShadowsForThing.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListNamedShadowsForThing.html) **
- **描述:** 授予列出给定事物的所有已命名影子的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListOTAUpdates.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListOTAUpdates.html) **
- **描述:** 授予在账户中列出 OTA 更新作业的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListOutgoingCertificates.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListOutgoingCertificates.html) **
- **描述:** 授予列出正在传输但尚未接受的证书的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListPackageVersions.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListPackageVersions.html) **
- **描述:** 授予权限以列出账户中程序包的版本
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListPackages.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListPackages.html) **
- **描述:** 授予权限以列出账户中的程序包
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListPolicies.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListPolicies.html) **
- **描述:** 授予列出策略的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListPolicyPrincipals.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListPolicyPrincipals.html) **
- **描述:** 授予列出与指定策略关联的委托人的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListPolicyVersions.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListPolicyVersions.html) **
- **描述:** 授予列出指定策略版本的权限,并标识默认版本
- **访问级别:** 列表
- **资源类型(\* 为必需):** [#awsiot-policy](#awsiot-policy)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListPrincipalPolicies.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListPrincipalPolicies.html) **
- **描述:** 授予权限以列出附加到指定委托人的策略。如果您使用 Amazon Cognito 身份,ID 需要使用 Amazon Cognito 身份格式
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListPrincipalThings.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListPrincipalThings.html) **
- **描述:** 授予列出与指定委托人关联的事物的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):** [#awsiot-cert](#awsiot-cert)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListPrincipalThingsV2.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListPrincipalThingsV2.html) **
- **描述:** 授予列出与指定委托人关联的事物的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):** [#awsiot-cert](#awsiot-cert)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListProvisioningTemplateVersions.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListProvisioningTemplateVersions.html) **
- **描述:** 授予获取队列预置模板版本列表的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):** [#awsiot-provisioningtemplate](#awsiot-provisioningtemplate)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListProvisioningTemplates.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListProvisioningTemplates.html) **
- **描述:** 授予在您的中列出队列出队列出配置模板的权限 AWS 账户
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListRelatedResourcesForAuditFinding.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListRelatedResourcesForAuditFinding.html) **
- **描述:** 授予权限以列出单个审计查找结果的相关项目
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html](https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html) **
- **描述:** 授予权限以列出账户保留的邮件
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListRoleAliases.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListRoleAliases.html) **
- **描述:** 授予列出角色别名的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListSbomValidationResults.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListSbomValidationResults.html) **
- **描述:** 授予权限以列出软件包版本的 SBOM 验证结果
- **访问级别:** 列表
- **资源类型(\* 为必需):** [#awsiot-packageversion](#awsiot-packageversion)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListScheduledAudits.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListScheduledAudits.html) **
- **描述:** 授予列出所有计划审核的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListSecurityProfiles.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListSecurityProfiles.html) **
- **描述:** 授予列出您创建的 Device Defender 安全配置文件的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):** [#awsiot-custommetric](#awsiot-custommetric) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-dimension](#awsiot-dimension) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListSecurityProfilesForTarget.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListSecurityProfilesForTarget.html) **
- **描述:** 授予列出附加到目标的 Device Defender 安全配置文件的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):** [#awsiot-thinggroup](#awsiot-thinggroup)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListStreams.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListStreams.html) **
- **描述:** 授予列出您的账户中的流的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListTagsForResource.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListTagsForResource.html) **
- **描述:** 授予权限以列出给定资源的所有标签
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-authorizer](#awsiot-authorizer) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-billinggroup](#awsiot-billinggroup) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-cacert](#awsiot-cacert) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-certificateprovider](#awsiot-certificateprovider) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-command](#awsiot-command) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-custommetric](#awsiot-custommetric) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-dimension](#awsiot-dimension) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-domainconfiguration](#awsiot-domainconfiguration) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-dynamicthinggroup](#awsiot-dynamicthinggroup) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-fleetmetric](#awsiot-fleetmetric) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-job](#awsiot-job) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-jobtemplate](#awsiot-jobtemplate) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-mitigationaction](#awsiot-mitigationaction) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-otaupdate](#awsiot-otaupdate) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-policy](#awsiot-policy) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-provisioningtemplate](#awsiot-provisioningtemplate) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-rolealias](#awsiot-rolealias) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-rule](#awsiot-rule) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-scheduledaudit](#awsiot-scheduledaudit) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-securityprofile](#awsiot-securityprofile) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-stream](#awsiot-stream) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thinggroup](#awsiot-thinggroup) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thingtype](#awsiot-thingtype) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListTargetsForPolicy.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListTargetsForPolicy.html) **
- **描述:** 授予列出指定策略的目标的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):** [#awsiot-policy](#awsiot-policy)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListTargetsForSecurityProfile.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListTargetsForSecurityProfile.html) **
- **描述:** 授予列出与给定 Device Defender 安全配置文件关联的目标的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):** [#awsiot-securityprofile](#awsiot-securityprofile)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingGroups.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingGroups.html) **
- **描述:** 授予列出所有事物组的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingGroupsForThing.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingGroupsForThing.html) **
- **描述:** 授予列出指定事物所属的事物组的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingPrincipals.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingPrincipals.html) **
- **描述:** 授予列出与指定事物关联的委托人的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingPrincipalsV2.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingPrincipalsV2.html) **
- **描述:** 授予列出与指定事物关联的委托人的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingRegistrationTaskReports.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingRegistrationTaskReports.html) **
- **描述:** 授予列出有关批量事物注册任务的信息的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingRegistrationTasks.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingRegistrationTasks.html) **
- **描述:** 授予列出批量事物注册任务的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingTypes.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingTypes.html) **
- **描述:** 授予列出所有事物类型的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListThings.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListThings.html) **
- **描述:** 授予列出所有事物的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingsInBillingGroup.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingsInBillingGroup.html) **
- **描述:** 授予列出指定账单组中所有事物的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):** [#awsiot-billinggroup](#awsiot-billinggroup)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingsInThingGroup.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListThingsInThingGroup.html) **
- **描述:** 授予列出指定事物组中所有事物的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):** [#awsiot-thinggroup](#awsiot-thinggroup)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListTopicRuleDestinations.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListTopicRuleDestinations.html) **
- **描述:** 授予列出所有内容的权限 TopicRuleDestinations
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListTopicRules.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListTopicRules.html) **
- **描述:** 授予列出特定主题的规则的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_iot-secure-tunneling_ListTunnels.html](https://docs.aws.amazon.com/iot/latest/apireference/API_iot-secure-tunneling_ListTunnels.html) **
- **描述:** 授予列出隧道的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListV2LoggingLevels.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListV2LoggingLevels.html) **
- **描述:** 授予列出 v2 日志记录级别的权限
- **访问级别:** 列表
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ListViolationEvents.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ListViolationEvents.html) **
- **描述:** 授予权限以列出在指定时间段内发现的 Device Defender 安全配置文件违规事件
- **访问级别:** 列表
- **资源类型(\* 为必需):** [#awsiot-securityprofile](#awsiot-securityprofile) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_iot-secure-tunneling_OpenTunnel.html](https://docs.aws.amazon.com/iot/latest/apireference/API_iot-secure-tunneling_OpenTunnel.html) **
- **描述:** 授予打开隧道的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys)
[#awsiot-iot_ThingGroupArn](#awsiot-iot_ThingGroupArn)
[#awsiot-iot_TunnelDestinationService](#awsiot-iot_TunnelDestinationService)
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html](https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html) **
- **描述:** 授予发布到指定主题的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-topic](#awsiot-topic)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_PutVerificationStateOnViolation.html](https://docs.aws.amazon.com/iot/latest/apireference/API_PutVerificationStateOnViolation.html) **
- **描述:** 授予将违规置于验证状态的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html](https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html) **
- **描述:** 授予从指定主题接收的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-topic](#awsiot-topic)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_RegisterCACertificate.html](https://docs.aws.amazon.com/iot/latest/apireference/API_RegisterCACertificate.html) **
- **描述:** 授予向 AWS IoT 注册 CA 证书的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys)
[#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_)
- **相关操作:** iam:PassRole
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_RegisterCertificate.html](https://docs.aws.amazon.com/iot/latest/apireference/API_RegisterCertificate.html) **
- **描述:** 授予向 AWS IoT 注册设备证书的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_RegisterCertificateWithoutCA.html](https://docs.aws.amazon.com/iot/latest/apireference/API_RegisterCertificateWithoutCA.html) **
- **描述:** 授予在没有注册 CA(证书颁发机构)的情况下向 AWS IoT 注册设备证书的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_RegisterThing.html](https://docs.aws.amazon.com/iot/latest/apireference/API_RegisterThing.html) **
- **描述:** 授予注册您的事物的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_RejectCertificateTransfer.html](https://docs.aws.amazon.com/iot/latest/apireference/API_RejectCertificateTransfer.html) **
- **描述:** 授予拒绝待处理证书传输的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-cert](#awsiot-cert)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_RemoveThingFromBillingGroup.html](https://docs.aws.amazon.com/iot/latest/apireference/API_RemoveThingFromBillingGroup.html) **
- **描述:** 授予从指定账单组中删除事物的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-billinggroup](#awsiot-billinggroup) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_RemoveThingFromThingGroup.html](https://docs.aws.amazon.com/iot/latest/apireference/API_RemoveThingFromThingGroup.html) **
- **描述:** 授予从指定事物组中删除事物的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thinggroup](#awsiot-thinggroup) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ReplaceTopicRule.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ReplaceTopicRule.html) **
- **描述:** 授予替换指定规则的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-rule](#awsiot-rule)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html](https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html) **
- **描述:** 授予将保留邮件发布到指定主题的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-topic](#awsiot-topic)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_iot-secure-tunneling_RotateTunnelAccessToken.html](https://docs.aws.amazon.com/iot/latest/apireference/API_iot-secure-tunneling_RotateTunnelAccessToken.html) **
- **描述:** 授予轮换隧道访问令牌的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-tunnel](#awsiot-tunnel) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-iot_ThingGroupArn](#awsiot-iot_ThingGroupArn)
[#awsiot-iot_TunnelDestinationService](#awsiot-iot_TunnelDestinationService)
[#awsiot-iot_ClientMode](#awsiot-iot_ClientMode) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_SearchIndex.html](https://docs.aws.amazon.com/iot/latest/apireference/API_SearchIndex.html) **
- **描述:** 授予搜索 IoT 队列索引的权限
- **访问级别:** Read
- **资源类型(\* 为必需):** [#awsiot-index](#awsiot-index)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_SetDefaultAuthorizer.html](https://docs.aws.amazon.com/iot/latest/apireference/API_SetDefaultAuthorizer.html) **
- **描述:** 授予权限以设置默认授权方。如果在没有指定授权方的情况下进行 websocket 连接,则将使用此项
- **访问级别:** 权限管理
- **资源类型(\* 为必需):** [#awsiot-authorizer](#awsiot-authorizer)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_SetDefaultPolicyVersion.html](https://docs.aws.amazon.com/iot/latest/apireference/API_SetDefaultPolicyVersion.html) **
- **描述:** 授予权限以将指定策略的指定版本设置为策略的默认(有效)版本
- **访问级别:** 权限管理
- **资源类型(\* 为必需):** [#awsiot-policy](#awsiot-policy)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_SetLoggingOptions.html](https://docs.aws.amazon.com/iot/latest/apireference/API_SetLoggingOptions.html) **
- **描述:** 授予设置日志记录选项的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_SetV2LoggingLevel.html](https://docs.aws.amazon.com/iot/latest/apireference/API_SetV2LoggingLevel.html) **
- **描述:** 授予设置 v2 日志记录级别的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_SetV2LoggingOptions.html](https://docs.aws.amazon.com/iot/latest/apireference/API_SetV2LoggingOptions.html) **
- **描述:** 授予设置 v2 日志记录选项的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_StartAuditMitigationActionsTask.html](https://docs.aws.amazon.com/iot/latest/apireference/API_StartAuditMitigationActionsTask.html) **
- **描述:** 授予启动将一组缓解操作应用于指定目标的任务的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_iot-jobs-data_StartCommandExecution.html](https://docs.aws.amazon.com/iot/latest/apireference/API_iot-jobs-data_StartCommandExecution.html) **
- **描述:** 授予权限以启动新的命令执行
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-command](#awsiot-command) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-client](#awsiot-client) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-iot_CommandExecutionParameterString___CommandParameterName_](#awsiot-iot_CommandExecutionParameterString___CommandParameterName_)
[#awsiot-iot_CommandExecutionParameterBoolean___CommandParameterName_](#awsiot-iot_CommandExecutionParameterBoolean___CommandParameterName_)
[#awsiot-iot_CommandExecutionParameterNumber___CommandParameterName_](#awsiot-iot_CommandExecutionParameterNumber___CommandParameterName_) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_StartDetectMitigationActionsTask.html](https://docs.aws.amazon.com/iot/latest/apireference/API_StartDetectMitigationActionsTask.html) **
- **描述:** 授予启动 Device Defender ML Detect 缓解操作任务的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-securityprofile](#awsiot-securityprofile)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_StartOnDemandAuditTask.html](https://docs.aws.amazon.com/iot/latest/apireference/API_StartOnDemandAuditTask.html) **
- **描述:** 授予启动按需 Device Defender 审核的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_StartThingRegistrationTask.html](https://docs.aws.amazon.com/iot/latest/apireference/API_StartThingRegistrationTask.html) **
- **描述:** 授予启动批量事物注册任务的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_StopThingRegistrationTask.html](https://docs.aws.amazon.com/iot/latest/apireference/API_StopThingRegistrationTask.html) **
- **描述:** 授予停止批量事物注册任务的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html](https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html) **
- **描述:** 授予订阅指定内容的权限 TopicFilter
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-topicfilter](#awsiot-topicfilter)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_TagResource.html](https://docs.aws.amazon.com/iot/latest/apireference/API_TagResource.html) **
- **描述:** 授予标记指定资源的权限
- **访问级别:** Tagging
- **资源类型(\* 为必需):** [#awsiot-authorizer](#awsiot-authorizer) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-billinggroup](#awsiot-billinggroup) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-cacert](#awsiot-cacert) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-certificateprovider](#awsiot-certificateprovider) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-command](#awsiot-command) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-custommetric](#awsiot-custommetric) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-dimension](#awsiot-dimension) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-domainconfiguration](#awsiot-domainconfiguration) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-dynamicthinggroup](#awsiot-dynamicthinggroup) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-fleetmetric](#awsiot-fleetmetric) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-job](#awsiot-job) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-jobtemplate](#awsiot-jobtemplate) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-mitigationaction](#awsiot-mitigationaction) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-otaupdate](#awsiot-otaupdate) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-package](#awsiot-package) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-packageversion](#awsiot-packageversion) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-policy](#awsiot-policy) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-provisioningtemplate](#awsiot-provisioningtemplate) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-rolealias](#awsiot-rolealias) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-rule](#awsiot-rule) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-scheduledaudit](#awsiot-scheduledaudit) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-securityprofile](#awsiot-securityprofile) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-stream](#awsiot-stream) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thinggroup](#awsiot-thinggroup) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thingtype](#awsiot-thingtype) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_RequestTag___TagKey_](#awsiot-aws_RequestTag___TagKey_)
[#awsiot-aws_TagKeys](#awsiot-aws_TagKeys) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_TestAuthorization.html](https://docs.aws.amazon.com/iot/latest/apireference/API_TestAuthorization.html) **
- **描述:** 授予测试组策略的策略评估的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-cert](#awsiot-cert)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_TestInvokeAuthorizer.html](https://docs.aws.amazon.com/iot/latest/apireference/API_TestInvokeAuthorizer.html) **
- **描述:** 授予测试调用指定的自定义授权方以用于测试目的的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):** [#awsiot-authorizer](#awsiot-authorizer)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_TransferCertificate.html](https://docs.aws.amazon.com/iot/latest/apireference/API_TransferCertificate.html) **
- **描述:** 授予将指定证书转移到指定证书的权限 AWS 账户
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-cert](#awsiot-cert)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UntagResource.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UntagResource.html) **
- **描述:** 授予取消标记指定资源的权限
- **访问级别:** 标签
- **资源类型(\* 为必需):** [#awsiot-authorizer](#awsiot-authorizer) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-billinggroup](#awsiot-billinggroup) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-cacert](#awsiot-cacert) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-certificateprovider](#awsiot-certificateprovider) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-command](#awsiot-command) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-custommetric](#awsiot-custommetric) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-dimension](#awsiot-dimension) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-domainconfiguration](#awsiot-domainconfiguration) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-dynamicthinggroup](#awsiot-dynamicthinggroup) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-fleetmetric](#awsiot-fleetmetric) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-job](#awsiot-job) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-jobtemplate](#awsiot-jobtemplate) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-mitigationaction](#awsiot-mitigationaction) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-otaupdate](#awsiot-otaupdate) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-package](#awsiot-package) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-packageversion](#awsiot-packageversion) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-policy](#awsiot-policy) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-provisioningtemplate](#awsiot-provisioningtemplate) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-rolealias](#awsiot-rolealias) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-rule](#awsiot-rule) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-scheduledaudit](#awsiot-scheduledaudit) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-securityprofile](#awsiot-securityprofile) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-stream](#awsiot-stream) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thinggroup](#awsiot-thinggroup) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thingtype](#awsiot-thingtype) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** / **条件键:** [#awsiot-aws_TagKeys](#awsiot-aws_TagKeys) / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateAccountAuditConfiguration.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateAccountAuditConfiguration.html) **
- **描述:** 授予配置或重新配置此账户的 Device Defender 审核设置的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateAuditSuppression.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateAuditSuppression.html) **
- **描述:** 授予更新 Device Defender 审核抑制的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateAuthorizer.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateAuthorizer.html) **
- **描述:** 授予更新授权方的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-authorizer](#awsiot-authorizer)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateBillingGroup.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateBillingGroup.html) **
- **描述:** 授予更新与指定账单组关联的信息的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-billinggroup](#awsiot-billinggroup)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateCACertificate.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateCACertificate.html) **
- **描述:** 授予更新已注册 CA 证书的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-cacert](#awsiot-cacert)
- **条件键:**
- **相关操作:** iam:PassRole
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateCertificate.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateCertificate.html) **
- **描述:** 授予权限以更新指定证书的状态。此操作是幂等的
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-cert](#awsiot-cert)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateCertificateProvider.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateCertificateProvider.html) **
- **描述:** 授予权限以更新证书提供程序
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-certificateprovider](#awsiot-certificateprovider)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateCommand.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateCommand.html) **
- **描述:** 授予权限以更新命令
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-command](#awsiot-command)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateCustomMetric.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateCustomMetric.html) **
- **描述:** 授予更新指定自定义指标的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-custommetric](#awsiot-custommetric)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateDimension.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateDimension.html) **
- **描述:** 授予更新维度定义的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-dimension](#awsiot-dimension)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateDomainConfiguration.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateDomainConfiguration.html) **
- **描述:** 授予权限以更新域配置
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-domainconfiguration](#awsiot-domainconfiguration)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateDynamicThingGroup.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateDynamicThingGroup.html) **
- **描述:** 授予更新动态事物组的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-dynamicthinggroup](#awsiot-dynamicthinggroup)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateEncryptionConfiguration.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateEncryptionConfiguration.html) **
- **描述:** 授予权限以为账户更新加密配置
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateEventConfigurations.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateEventConfigurations.html) **
- **描述:** 授予更新事件配置的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateFleetMetric.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateFleetMetric.html) **
- **描述:** 授予更新队列指标的权限
- **访问级别:** Write
- **资源类型(\* 为必需):** [#awsiot-fleetmetric](#awsiot-fleetmetric) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-index](#awsiot-index) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateIndexingConfiguration.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateIndexingConfiguration.html) **
- **描述:** 授予更新队列索引配置的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateJob.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateJob.html) **
- **描述:** 授予权限以更新作业
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-job](#awsiot-job)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateMitigationAction.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateMitigationAction.html) **
- **描述:** 授予更新指定缓解操作的定义的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-mitigationaction](#awsiot-mitigationaction)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdatePackage.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdatePackage.html) **
- **描述:** 授予权限以更新程序包
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-package](#awsiot-package)
- **条件键:**
- **相关操作:** iot:GetIndexingConfiguration
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdatePackageConfiguration.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdatePackageConfiguration.html) **
- **描述:** 授予权限以更新账户的程序包配置
- **访问级别:** 写入
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:** iam:PassRole
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdatePackageVersion.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdatePackageVersion.html) **
- **描述:** 授予权限以更新指定程序包的版本
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-package](#awsiot-package) / **条件键:** / **相关操作:** iot:GetIndexingConfiguration
s3:GetObjectVersion
- **资源类型(\* 为必需):** [#awsiot-packageversion](#awsiot-packageversion) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateProvisioningTemplate.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateProvisioningTemplate.html) **
- **描述:** 授予更新队列预置模板的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-provisioningtemplate](#awsiot-provisioningtemplate)
- **条件键:**
- **相关操作:** iam:PassRole
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateRoleAlias.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateRoleAlias.html) **
- **描述:** 授予更新角色别名的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-rolealias](#awsiot-rolealias)
- **条件键:**
- **相关操作:** iam:PassRole
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateScheduledAudit.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateScheduledAudit.html) **
- **描述:** 授予权限以更新计划审核,包括执行的检查和审核执行的频率
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-scheduledaudit](#awsiot-scheduledaudit)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateSecurityProfile.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateSecurityProfile.html) **
- **描述:** 授予更新 Device Defender 安全配置文件的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-securityprofile](#awsiot-securityprofile) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-custommetric](#awsiot-custommetric) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-dimension](#awsiot-dimension) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateStream.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateStream.html) **
- **描述:** 授予更新流数据的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-stream](#awsiot-stream)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateThing.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateThing.html) **
- **描述:** 授予更新与指定事物关联的信息的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateThingGroup.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateThingGroup.html) **
- **描述:** 授予更新与指定事物组关联的信息的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-thinggroup](#awsiot-thinggroup)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateThingGroupsForThing.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateThingGroupsForThing.html) **
- **描述:** 授予更新事物所属的事物组的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing) / **条件键:** / **相关操作:**
- **资源类型(\* 为必需):** [#awsiot-thinggroup](#awsiot-thinggroup) / **条件键:** / **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html](https://docs.aws.amazon.com/iot/latest/developerguide/policy-actions.html) **
- **描述:** 授予更新事物影子的权限
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-thing](#awsiot-thing)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateThingType.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateThingType.html) **
- **描述:** 授予权限以更新与指定事物类型关联的信息
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-thingtype](#awsiot-thingtype)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateTopicRuleDestination.html](https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateTopicRuleDestination.html) **
- **描述:** 授予更新权限 TopicRuleDestination
- **访问级别:** 写入
- **资源类型(\* 为必需):** [#awsiot-destination](#awsiot-destination)
- **条件键:**
- **相关操作:**
- ** [https://docs.aws.amazon.com/iot/latest/apireference/API_ValidateSecurityProfileBehaviors.html](https://docs.aws.amazon.com/iot/latest/apireference/API_ValidateSecurityProfileBehaviors.html) **
- **描述:** 授予验证 Device Defender 安全配置文件行为规范的权限
- **访问级别:** 读取
- **资源类型(\* 为必需):**
- **条件键:**
- **相关操作:**
## AWS 物联网定义的资源类型
以下资源类型是由该服务定义的,可以在 IAM 权限策略语句的 `Resource` 元素中使用这些资源类型。[操作表](#awsiot-actions-as-permissions)中的每个操作指定了可以使用该操作指定的资源类型。您也可以在策略中包含条件键,从而定义资源类型。这些键显示在资源类型表的最后一列。有关下表中各列的详细信息,请参阅[资源类型表](reference_policies_actions-resources-contextkeys.html#resources_table)。
****
| 资源类型 | ARN | 条件键 |
| --- | --- | --- |
| [https://docs.aws.amazon.com/iot/latest/developerguide/iot-message-broker.html](https://docs.aws.amazon.com/iot/latest/developerguide/iot-message-broker.html) | arn:${Partition}:iot:${Region}:${Account}:client/${ClientId} | |
| [https://docs.aws.amazon.com/iot/latest/developerguide/iot-indexing.html](https://docs.aws.amazon.com/iot/latest/developerguide/iot-indexing.html) | arn:${Partition}:iot:${Region}:${Account}:index/${IndexName} | |
| [https://docs.aws.amazon.com/iot/latest/developerguide/iot-indexing.html](https://docs.aws.amazon.com/iot/latest/developerguide/iot-indexing.html) | arn:${Partition}:iot:${Region}:${Account}:fleetmetric/${FleetMetricName} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/iot/latest/developerguide/iot-jobs.html](https://docs.aws.amazon.com/iot/latest/developerguide/iot-jobs.html) | arn:${Partition}:iot:${Region}:${Account}:job/${JobId} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/iot/latest/developerguide/job-templates.html](https://docs.aws.amazon.com/iot/latest/developerguide/job-templates.html) | arn:${Partition}:iot:${Region}:${Account}:jobtemplate/${JobTemplateId} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/iot/latest/developerguide/iot-tunnels.html](https://docs.aws.amazon.com/iot/latest/developerguide/iot-tunnels.html) | arn:${Partition}:iot:${Region}:${Account}:tunnel/${TunnelId} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/iot/latest/developerguide/thing-registry.html](https://docs.aws.amazon.com/iot/latest/developerguide/thing-registry.html) | arn:${Partition}:iot:${Region}:${Account}:thing/${ThingName} | |
| [https://docs.aws.amazon.com/iot/latest/developerguide/thing-groups.html](https://docs.aws.amazon.com/iot/latest/developerguide/thing-groups.html) | arn:${Partition}:iot:${Region}:${Account}:thinggroup/${ThingGroupName} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/iot/latest/developerguide/billing-groups.html](https://docs.aws.amazon.com/iot/latest/developerguide/billing-groups.html) | arn:${Partition}:iot:${Region}:${Account}:billinggroup/${BillingGroupName} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/iot/latest/developerguide/dynamic-thing-groups.html](https://docs.aws.amazon.com/iot/latest/developerguide/dynamic-thing-groups.html) | arn:${Partition}:iot:${Region}:${Account}:thinggroup/${ThingGroupName} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/iot/latest/developerguide/thing-types.html](https://docs.aws.amazon.com/iot/latest/developerguide/thing-types.html) | arn:${Partition}:iot:${Region}:${Account}:thingtype/${ThingTypeName} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/iot/latest/developerguide/iot-message-broker.html](https://docs.aws.amazon.com/iot/latest/developerguide/iot-message-broker.html) | arn:${Partition}:iot:${Region}:${Account}:topic/${TopicName} | |
| [https://docs.aws.amazon.com/iot/latest/developerguide/topics.html](https://docs.aws.amazon.com/iot/latest/developerguide/topics.html) | arn:${Partition}:iot:${Region}:${Account}:topicfilter/${TopicFilter} | |
| [https://docs.aws.amazon.com/iot/latest/developerguide/authorizing-direct-aws.html](https://docs.aws.amazon.com/iot/latest/developerguide/authorizing-direct-aws.html) | arn:${Partition}:iot:${Region}:${Account}:rolealias/${RoleAlias} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/iot/latest/developerguide/custom-authorizer.html](https://docs.aws.amazon.com/iot/latest/developerguide/custom-authorizer.html) | arn:${Partition}:iot:${Region}:${Account}:authorizer/${AuthorizerName} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/iot/latest/developerguide/iot-policies.html](https://docs.aws.amazon.com/iot/latest/developerguide/iot-policies.html) | arn:${Partition}:iot:${Region}:${Account}:policy/${PolicyName} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/iot/latest/developerguide/x509-certs.html](https://docs.aws.amazon.com/iot/latest/developerguide/x509-certs.html) | arn:${Partition}:iot:${Region}:${Account}:cert/${Certificate} | |
| [https://docs.aws.amazon.com/iot/latest/developerguide/x509-certs.html](https://docs.aws.amazon.com/iot/latest/developerguide/x509-certs.html) | arn:${Partition}:iot:${Region}:${Account}:cacert/${CACertificate} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ota-dev.html](https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ota-dev.html) | arn:${Partition}:iot:${Region}:${Account}:stream/${StreamId} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ota-dev.html](https://docs.aws.amazon.com/freertos/latest/userguide/freertos-ota-dev.html) | arn:${Partition}:iot:${Region}:${Account}:otaupdate/${OtaUpdateId} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/iot/latest/developerguide/device-defender-audit.html](https://docs.aws.amazon.com/iot/latest/developerguide/device-defender-audit.html) | arn:${Partition}:iot:${Region}:${Account}:scheduledaudit/${ScheduleName} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/iot/latest/developerguide/device-defender-mitigation-actions.html](https://docs.aws.amazon.com/iot/latest/developerguide/device-defender-mitigation-actions.html) | arn:${Partition}:iot:${Region}:${Account}:mitigationaction/${MitigationActionName} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/iot/latest/developerguide/device-defender-detect.html](https://docs.aws.amazon.com/iot/latest/developerguide/device-defender-detect.html) | arn:${Partition}:iot:${Region}:${Account}:securityprofile/${SecurityProfileName} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/iot/latest/developerguide/device-defender-detect.html](https://docs.aws.amazon.com/iot/latest/developerguide/device-defender-detect.html) | arn:${Partition}:iot:${Region}:${Account}:custommetric/${MetricName} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/iot/latest/developerguide/device-defender-detect.html](https://docs.aws.amazon.com/iot/latest/developerguide/device-defender-detect.html) | arn:${Partition}:iot:${Region}:${Account}:dimension/${DimensionName} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/iot/latest/developerguide/iot-rules.html](https://docs.aws.amazon.com/iot/latest/developerguide/iot-rules.html) | arn:${Partition}:iot:${Region}:${Account}:rule/${RuleName} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/iot/latest/developerguide/rule-destination.html](https://docs.aws.amazon.com/iot/latest/developerguide/rule-destination.html) | arn:${Partition}:iot:${Region}:${Account}:ruledestination/${DestinationType}/${Uuid} | |
| [https://docs.aws.amazon.com/iot/latest/developerguide/provision-template.html](https://docs.aws.amazon.com/iot/latest/developerguide/provision-template.html) | arn:${Partition}:iot:${Region}:${Account}:provisioningtemplate/${ProvisioningTemplate} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/iot/latest/developerguide/domain-configuration.html](https://docs.aws.amazon.com/iot/latest/developerguide/domain-configuration.html) | arn:${Partition}:iot:${Region}:${Account}:domainconfiguration/${DomainConfigurationName}/${Id} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/iot/latest/developerguide/software-package-catalog.html](https://docs.aws.amazon.com/iot/latest/developerguide/software-package-catalog.html) | arn:${Partition}:iot:${Region}:${Account}:package/${PackageName} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/iot/latest/developerguide/software-package-catalog.html](https://docs.aws.amazon.com/iot/latest/developerguide/software-package-catalog.html) | arn:${Partition}:iot:${Region}:${Account}:package/${PackageName}/version/${VersionName} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/iot/latest/developerguide/provisioning-cert-provider.html](https://docs.aws.amazon.com/iot/latest/developerguide/provisioning-cert-provider.html) | arn:${Partition}:iot:${Region}:${Account}:certificateprovider/${CertificateProviderName} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
| [https://docs.aws.amazon.com/iot/latest/developerguide/iot-remote-command.html](https://docs.aws.amazon.com/iot/latest/developerguide/iot-remote-command.html) | arn:${Partition}:iot:${Region}:${Account}:command/${CommandId} | [#awsiot-aws_ResourceTag___TagKey_](#awsiot-aws_ResourceTag___TagKey_) |
## AWS 物联网的条件密钥
AWS IoT 定义了以下条件键,这些条件键可用于 IAM 策略的`Condition`元素。您可以使用这些键进一步细化应用策略语句的条件。有关下表中各列的详细信息,请参阅[条件键表](reference_policies_actions-resources-contextkeys.html#context_keys_table)。
要查看适用于所有服务的全局条件键,请参阅 [AWS 全局条件上下文键](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html)。
****
| 条件键 | 描述 | Type |
| --- | --- | --- |
| [https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html) | 按请求中包含的标签键筛选访问 | 字符串 |
| [https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html) | 按与请求中的 IoT 资源关联的标签的标签键组成筛选访问 | 字符串 |
| [https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html) | 按请求中与 IoT 资源关联的标签键的列表筛选访问 | ArrayOfString |
| [https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html) | 按客户端模式对 IoT 隧道的访问权限进行筛选 | 字符串 |
| [https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html) | 按命令参数名称和布尔值筛选访问权限 | 布尔型 |
| [https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html) | 按命令参数名称和数值筛选访问权限 | 数值 |
| [https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html) | 按命令参数名称和字符串值筛选访问权限 | 字符串 |
| [https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html) | 通过一个标志筛选访问权限,该标志指示在发出 iot: CloseTunnel 请求时是否还要立即删除物联网隧道 | 布尔型 |
| [https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html) | 根据物联网的域名筛选访问权限 DomainConfiguration | 字符串 |
| [https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html) | 按照 IoT 隧道的 IoT 事物组 ARN(拥有目标 IoT 事物)的列表筛选访问 | ArrayOfARN |
| [https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html) | 按 IoT 隧道的目标服务列表筛选访问 | ArrayOfString |
| [https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html) | 按 IoT 事物的 ARN 筛选访问权限 | 进行筛选 |