Bosch IoT Suite

Create a new policy entry to allow Bosch IoT Insights read access to the demo device

Prerequisites

  • You are empowered to change the specific policy.

  • You have already booked an Bosch IoT Insights instance

  • You have already established the connection - Things to Insights connection

Goal

Given you need to provide your Bosch IoT Insights subscription permissions to READ the compass values of a Demo device.

The full path for a Demo device's compass feature would be thing:/features/compass.

Add the policy entry via the Developer Console

  1. Open the Things view

  2. Select the device whose policy needs a change

  3. Open the Policy view - you see the defaults created at step provisioning

  4. Click + to add an additional entry

  5. Set the label (any string, we call it INSIGHTS as a hint to better understand the policy

  6. Add the subject, which is composed following the pattern integration:ID:insights.

  7. Select integration from the drop-down

  8. Add the rest ID:insights from the Auth part in your connection (from the step before)

  9. Type, is any descriptive string, e.g. it-insights-integration-

  10. Click + to add an the resources, i.e. what will the subject have access to.

  11. The Resource path is thing:/features/compass.

  12. The permission Read.

  13. Save the settings.

images/confluence/download/attachments/1654955943/demo-policy-for-insights.png

Check the result in the JSON view

Your complete policy would look similar to the following example:

{
"policyId": "<your.namespace>:<your-demo-device-name>",
"entries": {
"DEFAULT": {
....
},
"DEVICE": {
....
},
"Insights": {
"subjects": {
"integration:<your-service-instannce-id>_things:insights": {
"type": "iot-insights-integration"
}
},
"resources": {
"thing:/features/compass: {
"grant": [
"READ"
],
"revoke": []
}
}
  }
}

Further reading

The basic concept and all types of subject and resources are documented at Bosch IoT Things > Concepts > Policies.