The documentation of AttachThingPrincipal states that:
You can use the AttachThingPrincipal API to attach certificates and authenticated Amazon Cognito identities to a Thing.
However, when I try to use iot:Connection.Thing.IsAttached in an IAM policy, like so:
"Condition": {
"Bool": {
"iot:Connection.Thing.IsAttached": "true"
}
}
I get the error "invalid condition key format". This remains the case when I play with the key value, like using ${}, and removing the quotes.
Whenever I see examples of the use of iot:Connection.Thing.IsAttached, it's always in the context of an IoT policy, but that pertains to the Thing's policy, while I'm trying to configure the Cognito Identity permissions to access the device shadow. If Cognito identities are supposedly supported by AttachThingPrincipal, then how do I address their attached status in the IAM role policy that's associated with the identity?