Differences

This shows you the differences between two versions of the page.

aws-integration [2020/05/21 10:08]
emozolyak [Create a Certificates]
aws-integration [2020/06/05 14:29] (current)
emozolyak [Test connection via PC client]
Line 1: Line 1:
 ====== AWS Integration ====== ​ ====== AWS Integration ====== ​
 ===== Introduction =====  ===== Introduction ===== 
-Data can be transferred to AWS IoT Core in a number of ways, but in this guide, we’ll focus on sending data in JSON format via Message Queuing Telemetry Transport (MQTT), which is an efficient publish-subscribe-based messaging protocol optimised for high-latency,​ low-bandwidth networks connections.\\  +Data can be transferred to Amazon Web Services ​IoT Core in a number of ways, but in this guide, we’ll focus on sending data in JSON format via Message Queuing Telemetry Transport (MQTT), which is an efficient publish-subscribe-based messaging protocol optimised for high-latency,​ low-bandwidth networks connections.\\  
-[[mqtt|More ​details can be read here]]+[[mqtt|More ​about MQTT on WebHMI ​here]]
 ===== Configure AWS IoT Core =====  ===== Configure AWS IoT Core ===== 
-{{ :​wiki:​iot:​aws:​aws_console_no_login.png?​nolink ​|}}+{{ :​wiki:​iot:​aws:​aws_console_no_login.png?​direct ​|}}
 The AWS Management Console is a browser-based GUI for Amazon Web Services through which a customer can manage their cloud computing, cloud storage and other resources running on the Amazon Web Services infrastructure. ​ The AWS Management Console is a browser-based GUI for Amazon Web Services through which a customer can manage their cloud computing, cloud storage and other resources running on the Amazon Web Services infrastructure. ​
 ==== Log in to your AWS Console ==== ==== Log in to your AWS Console ====
 To get started, sign up for an account on AWS or log in to your existing account at [[https://​console.aws.amazon.com/​|AWS Console]]. To get started, sign up for an account on AWS or log in to your existing account at [[https://​console.aws.amazon.com/​|AWS Console]].
-{{ :​wiki:​iot:​aws:​aws_console.png?​nolink ​|}}+{{ :​wiki:​iot:​aws:​aws_console.png?​direct |}} 
 +Then go to AWS IoT Core. 
 +{{ :​wiki:​iot:​aws:​aws_console_iot_core.png?​direct ​|}}
 ==== Create a new '​Thing'​ ==== ==== Create a new '​Thing'​ ====
 AWS IoT Core refers to devices that connect to the platform as Things (as a unit of Internet of Things). AWS IoT Core refers to devices that connect to the platform as Things (as a unit of Internet of Things).
-There is an AWS IoT Interactive Tutorial to create ​first Thing. It is recommended ​to not to skip it for first time. But to improve repeatability of the tutorial it would be skipped. +There is an AWS IoT Interactive Tutorial to create ​the first Thing. It is recommended not to skip it for the first time. But to improve ​the repeatability of the tutorial it would be skipped
-{{ :​wiki:​iot:​aws:​aws_console_iot_create_thing_0.png?​nolink ​|}} +\\  
-{{ :​wiki:​iot:​aws:​cert:​aws_console_iot_create_thing.png?​nolink ​|}} +\\  
-{{ :​wiki:​iot:​aws:​cert:​aws_console_iot_create_thing_1.png?​nolink ​|}} +Go to Manage, Things submenu and let's create a new Thing
- +{{ :​wiki:​iot:​aws:​aws_console_iot_create_thing_0.png?​direct ​|}} 
-{{ :​wiki:​iot:​aws:​cert:​aws_console_iot_create_thing_cert.png?​nolink ​|}} +Pick the single Thing to be created. 
 +{{ :​wiki:​iot:​aws:​cert:​aws_console_iot_create_thing.png?​direct ​|}} 
 +Fill in the required fields, such as Thing'​s name. Remember that the name can't be changed. But Tags inside that Thing can be edited. ​ 
 +{{ :​wiki:​iot:​aws:​cert:​aws_console_iot_create_thing_1.png?​direct ​|}} 
 +At the moment it would be convenient to create a [[aws-integration#​create_a_new_thing_type|Thing Type]] which is a template for new Things. \\  
 +\\  
 +Select the "​one-click certificate creation"​. 
 +{{ :​wiki:​iot:​aws:​cert:​aws_console_iot_create_thing_cert.png?​direct ​|}} 
 +As a result you should see notifications in the top-right corner about successfully created certificates. 
 +{{ :​wiki:​iot:​aws:​cert:​aws_console_iot_create_thing_cert_done.png?​direct |}} 
 +Download and secure the following files. 
 +Root CA selection and downloading will be shown [[aws-integration#​create_a_certificates|later]].
 ==== Create a new Thing Type ==== ==== Create a new Thing Type ====
-To effectively create a bunch of '​Things'​ the best practice is to create a template. Such a template is a 'Thing Type'. It is also good representation ​to real-world devices of the same model.+To effectively create a bunch of '​Things'​ the best practice is to create a template. Such a template is a 'Thing Type'. It is also good representation ​of real-world devices of the same model.
 You can also predefine a Tag for Thing, both in template and individual to simplify the search in the fleet of Things and also to understand which real device is bound to particular Thing, e.g. both S/N and location. You can also predefine a Tag for Thing, both in template and individual to simplify the search in the fleet of Things and also to understand which real device is bound to particular Thing, e.g. both S/N and location.
 ==== Create a Certificates ==== ==== Create a Certificates ====
 +At the moment you should have .pem certificate with private and public keys generated and downloaded. Keep them secure.
 +The last piece of the certificates-puzzle is a Root CA certificate. To publish them or the possibility of its theft is risky due to possible unwanted payments. But that does not apply to Root CA certificate,​ because it is public already. \\ 
 +\\ 
 + 
 +{{ :​wiki:​iot:​aws:​cert:​aws_console_iot_cert_ca.png?​direct |aws_console_iot_cert_ca}}
 +The last step is to activate Thing'​s certificate in the IoT console, Manage menu entry, Things, select the Thing and go to Security, select linked certificate and click Actions in top right corner and click "​Activate"​.
  
-{{ :​wiki:​iot:​aws:​cert:​aws_console_iot_create_thing_cert_done.png?​nolink |}} 
-Download root key and private with pem 
-{{ :​wiki:​iot:​aws:​cert:​aws_console_iot_cert_ca.png?​nolink |aws_console_iot_cert_ca}} 
-Activate Thing'​s certificate in the IoT console 
  
-{{ :​wiki:​iot:​aws:​cert:​aws_console_iot_cert_activate.png?​nolink ​|}} +{{ :​wiki:​iot:​aws:​cert:​aws_console_iot_cert_activate.png?​direct ​|}} 
-{{ :​wiki:​iot:​aws:​cert:​aws_console_iot_cert_activated.png?​nolink ​|}}+The certificate status in the top left corner must change to "​ACTIVE"​. 
 +{{ :​wiki:​iot:​aws:​cert:​aws_console_iot_cert_activated.png?​direct ​|}}
  
-Configure mqtt.fx to work with AWS+==== Create a Policies ==== 
 +To establish connection it is policies should be configured. 
 +If there is no policies during Thing creation generated, let's do this manually. 
 +{{ :​wiki:​iot:​aws:​policy:​aws_console_iot_create_thing_cert_policy_no_foundh.png?​direct |}} 
 +Go to IoT Core Manage, select your Thing, then Secure, Policies. Let's create a new one. 
 +{{ :​wiki:​iot:​aws:​policy:​AWS_console_iot_create_thing_secure_no_policy.png?​direct |}} 
 +Use the following setting to test connection. Wildcard symbol **//*//** represents all of availiable ARNs and subaction such as "​iot:​Publish",​ "​iot:​Subcribe"​ etc. 
 +{{ :​wiki:​iot:​aws:​policy:​AWS_console_iot_create_thing_secure_create_policy_best_practise.png?​direct |}} 
 +So now it is created. 
 +{{ :​wiki:​iot:​aws:​policy:​AWS_console_iot_create_thing_secure_create_policy_success.png?​direct |}} 
 +So going back to Thing, Certificate,​ Policies and select the policy that created. 
 +{{ :​wiki:​iot:​aws:​policy:​aws_console_iot_create_thing_cert_policy_selected.png?​direct |}} 
 +That's how it is should looks like at the final. 
 +{{ :​wiki:​iot:​aws:​policy:​AWS_console_iot_create_thing_cert_policy_attached.png?​direct |}} 
 +==== Interact ​with Shadow ==== 
 +This is the current state of AWS Thing'​s Shadow. It is representation of last reported state of Thing. It is strict formatted, to found out more follow the link: [[https://​docs.aws.amazon.com/​iot/​latest/​developerguide/​device-shadow-document-syntax.html|AWS Shadow format]]
  
 +{{ :​wiki:​iot:​aws:​shadow:​aws_console_iot_shadow_arn.png?​direct |}}
 +The "​Interact"​ tab is shows to us all of MQTT topics, so that we can see which metric we shound use to interact with and the responses read from. Also here is endpoint, it is MQTT broker address for our connection.
 +{{ :​wiki:​iot:​aws:​shadow:​aws_console_iot_interact_topics.png?​direct |}}
 +
 +==== Test connection via PC client ====
 +
 +At the moment all settings done. To test it let's configure "​MQTT.fx"​ to work with AWS through TLSv1.2 using .pem certificates as authorization.
 +
 +Broker Address is the endpoint in the thing interact settings.
 According to [[https://​docs.aws.amazon.com/​iot/​latest/​developerguide/​protocols.html|AWS Developer Guide]] MQTT Broker Port is 8883. According to [[https://​docs.aws.amazon.com/​iot/​latest/​developerguide/​protocols.html|AWS Developer Guide]] MQTT Broker Port is 8883.
  
-Broker Address is endpoint in the thing interact settings. 
-{{ :​wiki:​iot:​aws:​cert:​aws_console_iot_mqtt_endpoint_topics.png?​nolink |}} 
  
-In the end, this lead us to this settings in MQTT.fx to test connection. +In the end, this leads us to these settings in MQTT.fx to test the connection. 
-{{ :​wiki:​iot:​aws:​cert:​mqttfx_to_aws_settings.png?​nolink ​|}}+{{ :​wiki:​iot:​aws:​cert:​mqttfx_to_aws_settings.png?​direct ​|}}
  
 +Click the Apply and try to connect to AWS MQTT Broker. If settings are correct the connection will be established and indicator will be green. ​
  
-==== Work with Policies ​==== +Let's test shadow change: 
-Apply to IoT to work with mqtt, +Copy the "​...update"​ MQTT topic from Interact tab to "​Publish"​ form.  
 +{{ :​wiki:​iot:​aws:​shadow:​aws_console_iot_interact_topics_upd_topic_cr.png?​direct |}} 
 +And construct the JSON formatted message to update the shadow.  
 +<code - MQTT Publish shadow update.json>​ 
 +
 +"​state":​{ 
 + "​reported":​ { 
 +     "​number":​ 380567969690,​ 
 +     "​name":​ "​WebHMI",​ 
 +     "​status":​ true 
 +     } 
 +
 +
 +</​code>​ 
 +{{ :​wiki:​iot:​aws:​shadow:​aws_console_iot_shadow_manual_upd.png?​direct |}} 
 +In case of mistake in the JSON format it will be received to "​...rejected"​ topic message: 
 +{{ :​wiki:​iot:​aws:​shadow:​mqttfx_subscribe_aws_console_iot_shadow_manual_upd_rejected.png?​direct |}} 
 +When everything is configured well, the publish to "​...update"​ topic will lead to "​...update/​accepted"​ message with retelling of your payload. 
 +{{ :​wiki:​iot:​aws:​shadow:​mqttfx_subscribe_aws_console_iot_shadow_manual_upd_accepted.png?​direct |}} 
 +So that, you can notice that Shadow is holds last manual reported state. 
 +{{ :​wiki:​iot:​aws:​shadow:​aws_console_iot_shadow_changed.png?​direct |}} 
 + 
 + 
 + 
 +==== IoT Core Act/​Rules  ​====
 create a rules to post to DynamoDB, apply pol, create a rules to post to DynamoDB, apply pol,
-create a rules to send to QuickSight, apply pol,+create a rules to send to QS, apply pol, 
 +1){{ :​wiki:​iot:​aws:​act:​aws_iot_core_thing_act_no_rules.png?​direct |}} 
 +(2)) {{ :​wiki:​iot:​aws:​act:​aws_iot_core_thing_act_create.png?​direct |}} 
 +5) {{ :​wiki:​iot:​aws:​act:​aws_iot_core_thing_act_iot_republish.png?​direct |}} 
 +(3)) {{ :​wiki:​iot:​aws:​act:​AWS_IoT_Core_Thing_Act_create_republish_topic_name.png?​direct |}} 
 + 
 + 
 +6){{ :​wiki:​iot:​aws:​act:​aws_iot_core_thing_act_iot_analytics_republish_role.png?​direct |}} 
 +7){{ :​wiki:​iot:​aws:​act:​aws_iot_core_thing_act_iot_analytics_republish_policy_attached.png?​direct |}} 
 + 
 +8){{ :​wiki:​iot:​aws:​act:​aws_iot_core_thing_act_iot_analytics_republish_error_rule.png?​direct |}} 
 +9){{ :​wiki:​iot:​aws:​act:​aws_iot_core_thing_act_iot_analytics_republish_rule_test.png?​direct |}} 
 +10){{ :​wiki:​iot:​aws:​act:​aws_iot_core_thing_act_republish_test.gif?​direct |}} 
 +<code sql>​SELECT cast(state.reported.number as DECIMAL) as digits,  
 +cast((state.reported.name) as STRING ) as name  
 +FROM '​$aws/​things/​WebHMI_Dnipro_1/​shadow/​update'</​code>​ 
 +(4)) {{ :​wiki:​iot:​aws:​act:​AWS_IoT_Core_Thing_Act_SQL.png?​direct |}} 
 +11){{ :​wiki:​iot:​aws:​act:​aws_iot_core_thing_act_iot_analytics.png?​direct |}} 
 +12){{ :​wiki:​iot:​aws:​act:​aws_iot_core_thing_act_iot_analytics_settings.png?​direct |}} 
 +13){{ :​wiki:​iot:​aws:​act:​aws_iot_core_thing_act_iot_analytics_resoursed_succeed.png?​direct |}} 
 +14){{ :​wiki:​iot:​aws:​act:​aws_iot_analytics_quicksight_dashboard_new_analysis.png?​direct |}} 
 +15){{ :​wiki:​iot:​aws:​act:​aws_iot_analytics_quicksight_dashboard_new_analysis_new_dataset.png?​direct |}} 
 +16){{ :​wiki:​iot:​aws:​act:​aws_iot_analytics_quicksight_dashboard_new_analysis_new_dataset_source.png?​direct |}} 
 +17){{ :​wiki:​iot:​aws:​act:​aws_iot_analytics_quicksight_dashboard_new_analysis_new_dataset_source_iot_analytics.png?​direct |}} 
 +18){{ :​wiki:​iot:​aws:​act:​aws_iot_analytics_quicksight_dashboard_new_analysis_new_dataset_source_iot_analytics_import_finished.png?​direct |}} 
 + 
 +20){{ :​wiki:​iot:​aws:​act:​aws_iot_analytics_quicksight_dashboard.png?​direct |}} 
 +---- 
 +DDB 
 +21){{ :​wiki:​iot:​aws:​act:​ddb_create.png?​direct |}} 
 +22){{ :​wiki:​iot:​aws:​act:​ddb:​DDB_create_settings.png?​direct |}} 
 +23){{ :​wiki:​iot:​aws:​act:​ddb:​DDB_created.png?​direct |}} 
 +{{ :​wiki:​iot:​aws:​act:​ddb:​aws_iot_core_thing_act_ddb_rule.png?​direct |}} 
 +{{ :​wiki:​iot:​aws:​act:​ddb:​aws_iot_core_thing_act_ddb_rule_policy_updated.png?​direct |}}{{ :​wiki:​iot:​aws:​act:​ddb:​aws_iot_core_thing_act_ddb.png?​direct |}} 
 +{{ :​wiki:​iot:​aws:​act:​ddb:​mqttfx_publish_to_ddb.png?​direct |}} 
 +{{ :​wiki:​iot:​aws:​act:​ddb:​ddb_items_added.png?​direct |}}
 ===== Configure WebHMI =====  ===== Configure WebHMI ===== 
 Copy certificates to WebHMI connection Copy certificates to WebHMI connection
-====Device Shadows ​===== +Test it with AWS MQTT Client  
 +==== AWS IoT Device Shadows ====
 Test with AWS tester MQTT: try update shadow with hello world Test with AWS tester MQTT: try update shadow with hello world
 ==== JSON formatted payload ==== ==== JSON formatted payload ====
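Review bot: The added "Create a Policies" section presents an allow-everything policy without marking it as temporary: it says "Use the following setting to test connection", explains that the wildcard * covers all available ARNs and all sub-actions, and points to a screenshot named ..._create_policy_best_practise.png, so a reader can take it for the recommended setup. State in that paragraph that the wildcard policy is for the connection test only, and follow it with a policy limited to what this guide uses: iot:Connect for this Thing's client ID, and publish, subscribe and receive on the shadow topics of the one Thing (the hunk later uses $aws/things/WebHMI_Dnipro_1/shadow/update). Rename the screenshot so it does not say best practice, and correct "iot:Subcribe" to "iot:Subscribe". Two smaller points in "Create a Certificates" and "Create a new 'Thing'": the sentence "To publish them or the possibility of its theft is risky due to possible unwanted payments" never says that "them" means the private key and device certificate, and "Download and secure the following files." is followed by no list of files. Name the files and say where on the WebHMI side they are meant to be stored.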
Line 77: Line 175:
 To check the result of script work let’s check “iot-test” subscribed topic in MQTT.fx. To check the result of script work let’s check “iot-test” subscribed topic in MQTT.fx.
  
-{{ ::​wiki:​mqtt:​client:​json:​протокол_связи_mqtt_на_webhmi_json_encode_test.png?​nolink ​|}}+{{ ::​wiki:​mqtt:​client:​json:​протокол_связи_mqtt_на_webhmi_json_encode_test.png?​direct ​|}}
  
 //Hint: There is drop-down list with MQTT payload format selector in the lower right corner.// //Hint: There is drop-down list with MQTT payload format selector in the lower right corner.//
Line 84: Line 182:
  
 Test WebHMI can post to AWS shadow, Test WebHMI can post to AWS shadow,
 +create Actions, apply pols,
 check the DynamoDB update, check Kibana metric created. check the DynamoDB update, check Kibana metric created.
 +
 +Work with Kibana
  
  
  
  
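Review bot: The added line "create Actions, apply pols," does not say which policies are applied or to which resource, and "Work with Kibana" is a bare placeholder with no steps. Either spell out the policy or role each Action needs (the unchanged line already names the DynamoDB update as the thing to check) or mark both lines as TODO so they are not read as finished instructions, and write "policies" in full.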
