Introduction
You may be starting on your IoT journey, or have thousands of devices connected already. Maybe you just built an IoT business application, and want to deploy it to your fleet. You’re looking for a way to build functionality to control, update, monitor, or secure your IoT devices. To guide you through this process and get you started on AWS IoT, AWS is happy to announce the “Get Started with AWS IoT Workshop”. Click here to access the Workshop.
In this hands-on workshop, we use the AWS IoT Device Client to provide a guided walk-through to create your proof-of-concept IoT project. In 3 hours, you will learn to:
- Securely connect your IoT device to the internet, onboard and register it on AWS IoT Core
- Remotely control your device using AWS IoT Device Management – run a simple Over-The-Air (OTA) remote operation using Jobs, and set up SSH access for troubleshooting using Secure Tunneling
- Set up a daily security audit, and monitor a ‘heartbeat’ of health metrics from your device using AWS IoT Device Defender
The AWS IoT Device Client is written in C++, open-source, and available on GitHub. You can compile and install it on Embedded-Linux based IoT devices to get started with AWS IoT Core, AWS IoT Device Management, and AWS IoT Device Defender.
Prerequisites
To complete this workshop, you need:
- An AWS account with admin privileges, or Event engine details. You can create a new AWS account here.
- A computer with the latest browser – like Firefox or Chrome
- Basic understanding of Linux (e.g. create directories, set file permissions) and programming (compiling code)
When to use the AWS IoT Device Client
Example Use Cases:
The AWS IoT Device Client is a reference implementation, and the easiest way to create an IoT proof-of-concept (PoC). It provides an easy way to connect a fleet of devices to the internet, and route IoT data to AWS. By default, it enables you to operate, manage, and control your fleets, or secure them against threats using AWS IoT services. It is open-source, so you can modify it to fit your business needs, connect your business applications to take advantage of AWS IoT features, or optimize its resource utilization when you wish to scale up from a PoC to production. Here are some example use cases the AWS IoT Device Client solves for:
- [First Connect & Provisioning] You want to provision a fleet of production devices and connect them to the internet.
  The IoT Device Client enables your devices to automatically connect to IoT Core, exchange a bulk certificate for secure individual identities from the IoT Core Identity service, and register themselves in the IoT Core Device Registry.
- You just built a custom business application for your IoT solution. The IoT Device Client provides a backbone of capabilities for your app.
  - [Messaging] You want to exchange telemetry, state, or control messages with the app over MQTT.
    The IoT Device Client enables your device to connect over MQTT to the AWS IoT Core Device Gateway and shares that connection with your app. You can publish/subscribe to custom MQTT topics via the AWS IoT Core Message Broker by setting simple configurations on your device. You also have the option to publish data from your app directly to the AWS IoT Core Rules Engine via Basic Ingest, reducing messaging costs.
  - [Control] You want to read and control the state of your device or the configuration of your app.
    The IoT Device Client gives your app the ability to interact with AWS IoT Core Device Shadows so you can get/set the state of your device or the configuration of your app even if it is offline for prolonged periods.
- [Operate & Update] You want to update your fleet to use a new version of your app, or deploy a firmware/OS update, or simply reboot the fleet remotely.
  With the IoT Device Client, you can directly use AWS IoT Device Management Jobs – it lets you deploy to targeted devices, control the speed of your deployment, and track the status of your updates, even if devices work in partially offline environments.
- [Troubleshoot or Access] You want to troubleshoot a device, retrieve logs, or access it using Secure Shell (SSH) for maintenance.
  With the IoT Device Client, your device can directly connect using the AWS IoT Device Management Secure Tunneling feature to an Admin console, providing synchronous access with admin privileges.
- [Monitor & Secure] You want to send a ‘heartbeat’ of device-side health metrics like ports open or bytes in/out to detect unusual security behaviors and guard your fleet against compromise.
  The IoT Device Client lets your device automatically publish your metrics over MQTT to the AWS IoT Device Defender service at regular intervals.
AWS IoT Device Client: High Level Architecture
Compatibility:
The AWS IoT Device Client [GitHub] currently works on IoT devices with common microprocessors (x86_64, ARM, MIPS-32 architectures), and common Linux software environments (Debian, Ubuntu, and RHEL). We also provide a meta-aws recipe for the AWS IoT Device Client that you can build into your Yocto Linux distribution for more constrained and purpose-built devices.
Conclusion
Try out this Workshop to get started with AWS IoT using the AWS IoT Device Client.
Using AWS IoT Device Client is the easiest way to create a proof-of-concept (PoC) for your IoT project. It takes away the generic heavy lifting involved in connecting, managing, and securing your IoT fleets, reducing the initial investment required for your IoT project. You can now focus on building your IoT business logic and apps. AWS is committed to the AWS IoT Device Client as a living tool. It is a reference implementation with operational and security best-practices baked in. As new AWS IoT features become generally available and IoT best practices are established, we will update this software to support them appropriately.