


# Retained message policy examples
<a name="retained-message-policy-examples"></a>

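Using [retained messages](mqtt.md#mqtt-retain) requires specific policies. Retained messages are MQTT messages that are published with the RETAIN flag set and stored by AWS IoT Core. This section provides policy examples that allow common uses of retained messages.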

**Topics**
+ [Policy to connect and publish retained messages](#retained-message-policy-examples-publish)
+ [Policy to connect and publish retained Will messages](#retained-message-policy-examples-publish-lwt)
+ [Policy to list and get retained messages](#retained-message-policy-examples-list-get)

## Policy to connect and publish retained messages
<a name="retained-message-policy-examples-publish"></a>

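For a device to publish retained messages, the device must be able to connect, publish any MQTT message, and publish MQTT retained messages. The following policy grants these permissions for the topic `device/sample/configuration` to the client **device1**. For other examples that grant permission to connect, see [Connect and publish policy examples](connect-and-pub.md).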


```
{
	"Version": "2012-10-17",
	"Statement": [
		{
			"Effect": "Allow",
			"Action": [
				"iot:Connect"
			],
			"Resource": [
				"arn:aws:iot:us-east-1:123456789012:client/device1"
			]
		},
		{
			"Effect": "Allow",
			"Action": [
				"iot:Publish",
				"iot:RetainPublish"
			],
			"Resource": [
				"arn:aws:iot:us-east-1:123456789012:topic/device/sample/configuration"
			]
		}
	]
}
```
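
The requirement stated above, that a retained publish needs connect, publish and retain-publish permission together, can be checked offline before a policy is attached. The following Python is an added example, not AWS code: `allowed` and `can_publish` are hypothetical helpers, and it assumes explicit Deny precedence and `*`/`?` wildcards, with no policy variables and no Condition evaluation.

```python
import json
import re

# Constructed copy of the policy shown above (same account, Region, client and topic).
ARN_PREFIX = "arn:aws:iot:us-east-1:123456789012:"
POLICY = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Action": ["iot:Connect"],
     "Resource": ["arn:aws:iot:us-east-1:123456789012:client/device1"]},
    {"Effect": "Allow", "Action": ["iot:Publish", "iot:RetainPublish"],
     "Resource": ["arn:aws:iot:us-east-1:123456789012:topic/device/sample/configuration"]}
  ]
}""")


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _matches(patterns, value):
    """Match with policy wildcards: '*' is any run of characters, '?' is one."""
    for pattern in _as_list(patterns):
        regex = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
        if re.fullmatch(regex, value, re.DOTALL):
            return True
    return False


def allowed(policy, action, resource):
    """Explicit Deny wins; otherwise at least one unconditional Allow must match."""
    verdict = False
    for stmt in _as_list(policy["Statement"]):
        actions = [a.lower() for a in _as_list(stmt["Action"])]  # action names are case-insensitive
        if not (_matches(actions, action.lower()) and _matches(stmt["Resource"], resource)):
            continue
        if stmt["Effect"] == "Deny":
            return False  # conservative: a Deny counts even when it carries a Condition
        if "Condition" not in stmt:  # Conditions are not evaluated, so such Allows are skipped
            verdict = True
    return verdict


def can_publish(policy, client_id, topic, retain):
    """Hypothetical helper: a retained publish needs Connect, Publish and RetainPublish."""
    topic_arn = ARN_PREFIX + "topic/" + topic
    needed = [("iot:Connect", ARN_PREFIX + "client/" + client_id), ("iot:Publish", topic_arn)]
    if retain:
        needed.append(("iot:RetainPublish", topic_arn))
    return all(allowed(policy, action, arn) for action, arn in needed)
```

Running the same check against a candidate policy with `iot:RetainPublish` removed, or with a broader `Resource` pattern, shows whether the change narrows or widens which clients can store retained messages on a topic.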

## Policy to connect and publish retained Will messages
<a name="retained-message-policy-examples-publish-lwt"></a>

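Clients can configure a message that AWS IoT Core will publish when the client disconnects unexpectedly. MQTT calls such a message a [*Will* message](http://docs.oasis-open.org/mqtt/mqtt/v3.1.1/errata01/os/mqtt-v3.1.1-errata01-os-complete.html#_Will_Flag). A client must have an additional condition added to its connect permission to include them.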

The following policy document grants all clients permission to connect and publish a Will message, identified by its topic (`will`), that AWS IoT Core will also retain.


```
{
	"Version": "2012-10-17",
	"Statement": [
		{
			"Effect": "Allow",
			"Action": [
				"iot:Connect"
			],
			"Resource": [
				"arn:aws:iot:us-east-1:123456789012:client/device1"
			],
			"Condition": {
				"ForAllValues:StringEquals": {
					"iot:ConnectAttributes": [
						"LastWill"
					]
				}
			}
		},
		{
			"Effect": "Allow",
			"Action": [
				"iot:Publish",
				"iot:RetainPublish"
			],
			"Resource": [
				"arn:aws:iot:us-east-1:123456789012:topic/will"
			]
		}
	]
}
```

## Policy to list and get retained messages
<a name="retained-message-policy-examples-list-get"></a>

Services and applications can access retained messages without needing to support an MQTT client by calling [`ListRetainedMessages`](https://docs.aws.amazon.com//iot/latest/apireference/API_iotdata_ListRetainedMessages.html) and [`GetRetainedMessage`](https://docs.aws.amazon.com//iot/latest/apireference/API_iotdata_GetRetainedMessage.html). Services and applications that call these actions must be authorized by using a policy such as the following example.


```
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "iot:ListRetainedMessages"
            ],
            "Resource": [
                "arn:aws:iot:us-east-1:123456789012:client/device1"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "iot:GetRetainedMessage"
            ],
            "Resource": [
                "arn:aws:iot:us-east-1:123456789012:topic/foo"
            ]
        }
    ]
}
```