AWS IoT is a managed cloud platform that allows connected IoT devices to easily and securely interact with cloud applications and other devices. In this session, we will discuss how constrained devices can leverage the AWS IoT service to send data to the cloud and receive commands back to the device using the protocol of their choice. We will discuss how devices can connect securely using MQTT and HTTP protocols, and how developers and businesses can leverage the AWS IoT Rules Engine and Thing Shadows, and accelerate prototype development using AWS IoT Device SDKs. Finally, we will cover new features released since the launch of AWS IoT, including integration with Amazon Machine Learning and Amazon Elasticsearch Service.
7. Publish / Subscribe
Standard Protocol Support
MQTT, HTTP, WebSockets
Long Lived Connections
Receive signals from the cloud
Secure by Default
Connect securely via X.509 Certs and TLS 1.2 Client Mutual Auth
8. Sensor Messages
Standard Protocol Support
MQTT, HTTP, WebSockets
Topic / Channel
Message routing hierarchy.
Control over full tree
Payload (JSON)
Customer Defined JSON payload
10. Extracting the value from messages
• Filter messages with certain criteria
• Move messages to other topics
• Move messages to other systems
• Transform the payload of messages
• Predict messages based on trends
• React based on messages
12. AWS IoT - SQL Reference
SELECT DATA FROM TOPIC WHERE FILTER
• Like scanning a database table
• Default source is an MQTT topic
EXAMPLES:
• FROM mqtt('my/topic')
• FROM mqtt('my/wildcard/+/topic')
• FROM ('my/topic')
13. Rules Engine
• Familiar SQL syntax
• SELECT * FROM topic WHERE filter
• Functions
• String manipulation (regex support)
• Mathematical operations
• Context based helper functions
• Crypto support
• UUID, timestamp, rand, etc.
• Execute Simultaneous Actions
19. AWS IoT Device Shadow Flow
1. Device Publishes Current State
2. Persist JSON Data Store
3. App requests device's current state
4. App requests a change to the state
5. Device Shadow syncs updated state
6. Device Publishes Current State
7. Device Shadow confirms state change
20. AWS IoT Device Shadow - Simple Yet Powerful
{
  "state" : {
    "desired" : {
      "lights" : { "color": "RED" },
      "engine" : "ON"
    },
    "reported" : {
      "lights" : { "color": "GREEN" },
      "engine" : "ON"
    },
    "delta" : {
      "lights" : { "color": "RED" }
    }
  },
  "version" : 10
}
Device
Report its current state to one or multiple shadows
Retrieve its desired state from shadow
Mobile App
Set the desired state of a device
Get the last reported state of the device
Delete the shadow
Shadow
Shadow reports delta, desired and reported states along with metadata and version
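Added example (not from the original slides and not AWS code): a simplified Python model of how the delta in the shadow document above follows from the desired and reported states, and how a version check keeps a stale writer from overwriting newer state. The names PAGE_SHADOW, shadow_delta and apply_update, and the version-conflict behaviour, are assumptions of this model.

```python
import copy

# Shadow document from the slide; "delta" is derived, so it is not stored here.
PAGE_SHADOW = {
    "state": {
        "desired": {"lights": {"color": "RED"}, "engine": "ON"},
        "reported": {"lights": {"color": "GREEN"}, "engine": "ON"},
    },
    "version": 10,
}
_MISSING = object()  # sentinel: key absent from the reported state

def shadow_delta(desired, reported):
    """Return the parts of `desired` that `reported` lacks or disagrees with."""
    delta = {}
    for key, want in desired.items():
        have = reported.get(key, _MISSING)
        if isinstance(want, dict) and isinstance(have, dict):
            nested = shadow_delta(want, have)
            if nested:
                delta[key] = nested
        elif have is _MISSING or have != want:
            delta[key] = want
    return delta

def _merge(target, patch):
    """Recursively merge `patch` into `target` in place."""
    for key, value in patch.items():
        if isinstance(value, dict) and isinstance(target.get(key), dict):
            _merge(target[key], value)
        else:
            target[key] = copy.deepcopy(value)

def apply_update(shadow, section, patch, expected_version=None):
    # Model assumption: a writer may pass the version it last read; a mismatch
    # is rejected so a stale app or device cannot clobber newer state.
    if expected_version is not None and expected_version != shadow["version"]:
        raise ValueError("version conflict: shadow is at %d" % shadow["version"])
    new = copy.deepcopy(shadow)  # the caller's document is left untouched
    state = new["state"]
    _merge(state.setdefault(section, {}), patch)
    new["version"] += 1
    delta = shadow_delta(state.get("desired", {}), state.get("reported", {}))
    state.pop("delta", None)
    if delta:
        state["delta"] = delta
    return new
```

Once the device reports lights RED, the delta section disappears and the version moves from 10 to 11; a later write that still quotes version 10 is refused.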
24. TLS Mutual Authentication
• Create CSR
• Create X.509 Certificate from CSR
• Activate the Certificate
• Create Policy
• Attach Policy to Certificate
* Certificate must be issued by AWS IoT
25. new: Bring Your Own Certificate
• Use Certificates issued by your own CA
• Existing certificate issuance infrastructure
• Use certificates already on-board
• Limited Internet connectivity from assembly / manufacturing locations
• Seamless provisioning of devices
• 8 new API calls to support management of certificates
29. Securing User Access
• WebSockets support SigV4 Authentication
• IAM Roles and Policies
• Cognito Identity Pools
• Anonymous access to iot:Subscribe
• Use your own application level authentication patterns