AWS IoT Platform
David Reines
VP of Technology
Object Partners, Inc.
david.reines@objectpartners.com
@dhreines
David Reines, VP of Technology at Object Partners
Eighteen years of industry experience
Sixteen years at Object Partners
Nine years telematics experience
Development, Architecture, Technology Leadership
Cloud Services, Distributed Systems, Microservices, Distributed Data Stores, Messaging Systems
Building and Delivering Custom Software Solutions
Since 1996
~100 Full-time Consultants
Minneapolis, Omaha, Chicago
Clients Nationwide
JVM
JavaScript
DevOps and Continuous Delivery
Real-time Data
Mobile
Solution Delivery
Managed platform for internet connected devices.
Fully Managed Service
Readily Available
Highly Scalable
Secure
Standard Protocol Support
Device Management Services
Simplified Integrations
Creating a Device
Understanding the Broker
Publishing Data via a Device
Capturing Data in the Cloud
Consuming Data via a Device
Managing Device State
Monitoring
Up to three attributes
Searchable
Simplifies management
Not required
Thing type and non-searchable attributes optional.
Download private key and certificate for device communication.
To a device and policy.
Pub/Sub message broker supporting MQTT, MQTT/WebSockets and HTTP (pub only).
An ISO standard (ISO/IEC PRF 20922) publish-subscribe-based "lightweight" messaging protocol for use on top of the TCP/IP protocol. It is designed for connections with remote locations where a "small code footprint" is required or the network bandwidth is limited.
https://en.wikipedia.org/wiki/MQTT
Clients connect with a "ClientId".
Clients publish messages to a "Topic".
Clients subscribe to "TopicFilters".
// topics are divided into levels
abccompany/west/speed/SampleDevice
abccompany/east/temperature/AnotherDevice
// topic filters allow single (+) and multi-level (#) wildcards
// topic filter matching all west coast speed messages
abccompany/west/speed/+
// topic filter matching all abccompany messages in all regions
abccompany/#
// topic filter matching all speed messages
abccompany/+/speed/+QOS 0 (at most once)
QOS 1 (at least once)
QOS 2 (exactly once)
not supported
TLS Encryption
Authentication
X.509 Certificate (MQTT, HTTPS)
AWS IAM (HTTPS, WebSockets)
AWS Cognito (HTTPS, WebSockets)
AWS Policy Based Authorization
iot:Connect, iot:Publish, iot:Subscribe, iot:Receive
{
"Effect": "Allow",
"Action": [
"iot:Connect"
],
"Resource": [
"arn:aws:iot:us-east-1:<aws-account>:client/SampleDevice"
]
}{
"Effect": "Allow",
"Action": [
"iot:Subscribe"
],
"Resource": [
"arn:aws:iot:us-east-1:<aws-account>:topicfilter/sample/SampleDevice"
]
}{
"Effect": "Allow",
"Action": [
"iot:Receive"
],
"Resource": [
"arn:aws:iot:us-east-1:<aws-account>:topic/sample/SampleDevice"
]
}{
"Effect": "Allow",
"Action": [
"iot:Publish"
],
"Resource": [
"arn:aws:iot:us-east-1:<aws-account>:topic/abccompany/west/speed/${iot:ClientId}"
]
}QOS 2, cleanSession=false and more…
http://docs.aws.amazon.com/iot/latest/developerguide/protocols.html
Device Shadows
Application Level Acknowledgements
Lifecycle Events (Connect/Disconnect)
via a Device
Embedded C, JavaScript, Arduino Yún
Java, Python, iOS, Android
CertificateUtils.KeyStorePasswordPair pair = CertificateUtils.getKeyStorePasswordPair(
clientConfig.certificateFile, clientConfig.privateKeyFile
);
awsIotMqttClient = new AWSIotMqttClient(
clientConfig.clientEndpoint, clientConfig.clientId, pair.keyStore, pair.keyPassword
);
awsIotMqttClient.connect();// sample speed publisher (see sample application)
awsIotMqttClient.publish("speed/" + clientId, AWSIotQos.QOS1, payload);Server-Side
Provides SQL-like syntax for selecting messages and performing various actions.
SELECT *
FROM 'speed/+'
WHERE speed > 55AWS ElasticSearch, Firehose, Kinesis, Lambda, SQS, S3, DynamoDB, Republish, CloudWatch, SNS
Send speeding messages to SQS.
via a Device
public void subscribe() throws AWSIotException {
log.info("Subscribing to sample topic.");
AWSIotTopic topic = new AWSIotTopic("sample/" + clientId, AWSIotQos.QOS1) {
@Override public void onMessage(AWSIotMessage message) {
log.debug("Received message: {}", message.getStringPayload());
}
};
awsIotMqttClient.subscribe(topic);
}Provides service for managing device state.
{
"desired": {
"minSpeed": 20
},
"reported": {
"minSpeed": 20
}
}$aws/things/thingName/shadow/update
$aws/things/thingName/shadow/update/accepted
$aws/things/thingName/shadow/update/documents (previous/current)
$aws/things/thingName/shadow/update/rejected
$aws/things/thingName/shadow/update/delta
$aws/things/thingName/shadow/get
$aws/things/thingName/shadow/get/accepted
$aws/things/thingName/shadow/get/rejected
$aws/things/thingName/shadow/delete
$aws/things/thingName/shadow/delete/accepted
$aws/things/thingName/shadow/delete/rejected// Java Helper
public class SampleShadowDevice extends AWSIotDevice {
....
@AWSIotDeviceProperty
private volatile int minSpeed;
public int getMinSpeed() {
return minSpeed;
}
public void setMinSpeed(int minSpeed) {
this.minSpeed = minSpeed;
}
}iot:DeleteThingShadow
iot:UpdateThingShadow
iot:GetThingShadow
Metrics, Alarms, Logs, Events