Getting Started with AWS IoT

© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

David Yanacek, Principal Engineer, AWS IoT

8/11/2016

Getting Started with AWS IoT

What is so special about IoT?

• We are connecting the physical world• Energy, scale, security

• Communication isn’t always stable

• Software on things• Changing is hard, risky

• Where is the logic?

Goals:

1. The system of things

2. The life of a thing

3. The community of things

4. The wisdom of things

AWS IoT

AWS IoT

AWS IoT

AWS IoT

AWS IoT

AWS IoT

AWS IoT

The Story

A connected wind farm

Goals:





Birth of a thing

Connecting a thing to AWS IoT

Keys PermissionsRegistration

• Register things so you can find them later

• Searchable attributes

• Define things by type

Thing registration

aws.amazon.com

Certificates and keys

• Private key (authenticate the device)

• Certificate (register the device with IoT)

• Root certificate authority (authenticate IoT)

Permissions

• Control what a thing is allowed to do

• Connect, publish, subscribe, receive

• Attach policy to certificates

Permissions

{

"Effect": "Allow",

"Action": "iot:Publish",

"Resource": [

"arn:*:topic/private-topic/${iot:ClientId}",

"arn:*:topic/open-topic-space/*"

]

},

{

"Effect": "Allow",

"Action": "iot:Subscribe",

"Resource": "arn:*:topicfilter/private-topic/${iot:ClientId}/*"

}


Wizard to create certificate, keys, policy


Configuring a thing to talk to AWS IoT

// Dependencies

const awsIot = require('aws-iot-device-sdk');

// Configure and connect to AWS IoT

const device = awsIot.device({

keyPath: 'device-123.key.pem',

certPath: 'device-123.crt.pem',

caPath: 'rootCA.pem',

clientId: 'WindTurbine001',

protocol: 'mqtt',

port: 8883,

host: 'your-account-endpoint.iot.us-east-1.amazonaws.com',

});

Configuring a thing to talk to AWS IoT

// Dependencies

const awsIot = require('aws-iot-device-sdk');

// Configure and connect to AWS IoT

const device = awsIot.device({

keyPath: 'device-123.key.pem',

certPath: 'device-123.crt.pem',

caPath: 'rootCA.pem',

clientId: 'WindTurbine001',

protocol: 'mqtt',

port: 8883,

host: 'your-account-endpoint.iot.us-east-1.amazonaws.com',

});

AWS IoT supports MQTT, WebSocket, HTTP

Birth of a thing

Intermediate certificate authority

locally provisioned

async registration

Intermediate certificate authority

Just-in-time registration

AWS

Lambda

Simplified device security

AWS-ECC508

AWS

Lambda

Goals:





How can things interact?

• A thing can listen to a thing• MQTT / WebSocket

• A thing can command others• Querying/updating a shadow’s state

• Things can create a group discussion• Listen and discuss a topic

• Things׳ autocracy• Rules engine

• Application logic

• Distributed

Demo

Let’s see it again – Wind turbine

Wind turbine telemetry flow

CONNECTCONNECT


SUBSCRIBEturbine-1/data


PUBLISHturbine-1/data

Thing sending telemetry

// Craft a JSON message

var message = JSON.stringify({

rpm: 60,

current: 12

});

// Publish

device.publish('turbine-1/data', message);

App receiving telemetry

// Subscribe to messages on the turbine-1 topic

device.subscribe('turbine-1/data');

// Register a callback whenever we receive a message

device.on('message', function(topic, payload) {

// Print out the data we received

console.log('Got a message: ', topic, payload.toString());

});

Demo

Let’s see a command in action

AWS IoT – Thing’s shadow

Device

Shadow

Applications

AWS IoT device shadow - Simple yet powerful

{

"state" : {

"desired" : {

"lamp": "ON",

"fan" : "ON"

},

"reported" : {

"lamp": "OFF",

"fan" : "ON"

},

"delta" : {

"lamp": "ON",

} },

"version" : 10

}

Thing

Reports its current state to one or multiple shadows

Retrieves its desired state from shadow

Your application

Sets the desired state of a device

Gets the last reported state of the device

Shadow

Shadow reports delta, desired, and reported

states along with metadata and a version

Device

Shadow

Applications

Goals:





Demo

Analyze wind farm performance

amzn.to/iotwindfarm

Rules engine

Rules engine: Extracting value from messages

• Filter messages with certain criteria

• Transform the payload of messages

• React based on messages• Move messages to other topics

• Move messages to other systems

• Predict changes based on trends

Rules engine: Move messages to other systems

Invoke a Lambda function

Put object in an S3 bucket

Insert, update a

DynamoDB table

Publish to an SNS topic

or endpoint

Publish to an Amazon Kinesis

stream (and to EMR and Spark)

Publish to Firehose

Republish to AWS IoT

Publish to Amazon ES

Capture a CloudWatch

metric or change an alarm

Write to SQS queue

Rules engine: Move messages to other systems

Publish to Amazon Elasticsearch

Service

Write to SQS queue

Publish to an SNS topic

or endpoint

A rule in AWS IoT

aws iot create-topic-rule --rule-name WindFarmData --topic-rule-payload

{

"sql": "SELECT datapoint_id, current, rotation_speed, location,

topic(2) as turbine_id, timestamp() as time,

FROM 'wind-farm/+/data'",

"description": "Save data from wind turbines into Elasticsearch",

"actions": [

{

"elasticsearch": {

"roleArn": "arn:aws:iam::123456789012:role/aws_iot_windfarm",

"endpoint": "https://my-es-endpoint.us-west-2.es.amazonaws.com",

"index": "turbine-data",

"type": "measurement",

"id": "${CONCAT(datapoint_id, '_', turbine_id)}"

}}]}

RouteFilter, transform

Creating an Elasticsearch domain

Amazon Machine Learning Predict function

Summary:





What’s next?

Getting Started

with AWS IoT

Blog and Forums

for AWS IoT

Github

AWS IoT Device SDK

Remember to complete

your evaluations!

@dyanacek

Technology

Getting Started with AWS IoT