We have Mobile PlatformApplication arns in AWS account-1, and we can publish PNs to endpoint arns with our java-service in the same account.
But when trying to publish PNs with our java-service in different AWS accounts, we get com.amazonaws.services.sns.model.AuthorizationErrorException.
There seems no option to provide a resource-based policy for these SNS PlatformApplication. How can we solve this?
Thanks in Advance!
Today, you cannot do cross-account publishes directly to endpoints.
However, you can create an IAM role under the account with the endpoints that the other account is able to assume. Once the role has been assumed, the second account would be able to publish to the endpoint as usual.