AWS IoT Core

Connecting AWS IoT Service

Websocket Connection

1. AWS IAM Service setup, in this step we will get access key and secret key for Proxy to be able to authenticate websocket to communicate with AWS IoT

  1. Register Amazon AWS service account
  2. Login AWS web console, and open IAM service
  3. Navigate to Users -> Add user, and then fill user name with checkbox Programmatic access -> Next Permissions
  4. Choose Add user to group option, and then Create Group with AWSIoTFullAccess permission -> Next Review -> Finish Create user
  5. Now, you should save the access key (i.e. AKIAJKSTVJUC4IQ5EAZQ) and secret access key (i.e. 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)

2. AWS IoT Service Setup, in this step we will get endpoint uri for Proxy to able to target right AWS IoT service in behalf of device clients.

  1. Open AWS IoT Service from web console
  2. Click Settings at left-bottom corner of the screen.
  3. You will find the Custom endpoint value, i.e. “axfcb1ozcf4iq.iot.eu-west-1.amazonaws.com”.

    Keep in mind that endpoint uri has Region, which is your choice for IoT service.

3. Now you can use/insert above three arguments(access key, secret key, and IoT endpoint uri) in Proxy Redis server, for clients’ Endpoint object.

TCP/TLS Connection

1. AWS IAM Service setup, in this step we will get a user to be able to access AWS IoT

  1. Register Amazon AWS service account
  2. Login AWS web console, and open IAM service
  3. Navigate to Users -> Add user, and then fill user name with checkbox Programmatic access -> Next Permissions
  4. Choose Add user to group option, and then Create Group with AWSIoTFullAccess permission -> Next Review -> Finish Create user
  5. Logout, and then logon AWS webconsole with created user, which will only have access to IoT service.

2. AWS IoT Service Setup, in this step we will get certs and endpoint uri for Proxy to able to target right AWS IoT service in behalf of device clients.

  1. Time to configure a device, by navigating to AWS IoT -> Onboard -> Configuring a device -> Get Started
  2. Choose any platform and SDK, whichever will give you the X509 certifications generated by AWS CA root.
  3. Next step, you give a Thing name, i.e. “Asavie-IoT-Proxy”
  4. Next step, you will be asked to download connection kit, in which you will get such certs as: 
    1
2
3

     Asavie-IoT-Proxy.cert.pem
 Asavie-IoT-Proxy.private.key
 Asavie-IoT-Proxy.public.key
  5. Click Settings at left-bottom corner of the screen. You will find the Custom endpoint value, i.e. “axfcb1ozcf4iq.iot.eu-west-1.amazonaws.com”.

    Keep in mind that endpoint uri has Region, which is your choice for IoT service.

3. Now you can use/insert above three arguments(Asavie-IoT-Proxy.cert.pem, Asavie-IoT-Proxy.private.key, and IoT endpoint uri) in Proxy Redis server, for clients’ Endpoint object.

Q&A

AWS IoT Q: Why do you need downloading CA root cert from AWS IoT for devices SDK? A: https://forums.aws.amazon.com/thread.jspa?messageID=743161

Q: Where is AWS IoT Service SDK Guide A: https://docs.aws.amazon.com/iot/latest/developerguide/what-is-aws-iot.html

Q: Where is AWS IoT Device SDK for Java Guide A: https://github.com/aws/aws-iot-device-sdk-java/blob/master/README.md

comments powered by Disqus