In this section, you will learn how to set up your IoT project, utilizing the AWS IoT platform. The following is a list of steps to build your AWS IoT project:
- Register on AWS
- Select the IoT device
- Register AWS IoT
- Create a security certificate
- Configure security access
Let's go through these steps.
AWS provides a complete solution to build your enterprise system, from virtual machines and enterprise applications to machine learning and IoT. At the time of writing, Amazon offers a free one-year trial called AWS Free Tier for newly registered users. It gives you access to the full features within a limited scheme. You can register a new AWS account and get the free one-year trial at https://aws.amazon.com.
Most AWS services can be accessed with the AWS Free Tier scheme. I recommend you do so. The AWS Free Tier registration page is shown in the following screenshot:
The next step is to select your IoT device. Each IoT device has unique capabilities. I suggest that you use an IoT device platform that is recommended by Amazon to minimize problems while developing and deploying. You can use one of the listed devices from https://aws.amazon.com/iot-platform/getting-started/#kits. Based on my experience, a Raspberry Pi board or an IoT board running Linux is easier to work with, because most AWS IoT Device SDKs are supported.
I will show how various IoT device platforms access AWS IoT, with specific scenarios in this book. Register an IoT device for AWS IoT after you have decided what IoT device model is to be implemented. You should register it in order to obtain access rights in AWS IoT. You can register your IoT device on AWS IoT Management Console with the following steps:
- Navigate to https://console.aws.amazon.com/iot. You should see a form as shown in the following screenshot:
- Select the Onboard option from the left-hand menu. You can click on the Get started button within the Configuring a device section, which is shown by an arrow in the preceding screenshot.
Then, you will get information about connecting IoT device to AWS IoT, as shown in the following screenshot:
- Select the development platform of the IoT device and AWS IoT SDK. In this scenario, I use Linux/OSX with Node.js for AWS IoT SDK:
- Now we create our IoT device name. You should define the IoT device type. To do so, click on the Create a type button:
If done, save this IoT device type.
- Then, go back to your IoT device registration. Fill out the IoT device name and its type. I filled macos-computer in the Name field, as shown in the following screenshot:
- If done, you should see your IoT device on the Manage | Things menu:
You can add additional IoT devices to simulate the AWS IoT scenario.
Before we use AWS IoT, we should create a security certificate. Then, this certificate will be attached to our registered IoT device. Follow these steps:
- On AWS IoT Management Console, open your IoT device. Click on the Security option on the left-hand menu. You should see a form, as shown in the following screenshot:
- You should see a Create certificate button. Click on this button. Then, AWS IoT will generate private and public keys for your IoT device. Please download all certificate and key files:
These certificate and key files will be used in our program to access the AWS IoT server. You should get four files, as follows:
  - Certificate file (*.pem)
  - Certificate public key file (*.key)
  - Certificate private key file (*.key)
  - Root certificate (*.pem) or (*.crt)
- Put all these files into a folder. Our program will access these files:
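The folder now holds the device's private key, so it is worth checking before the program uses it. The following Node.js sketch is an added example, not code from the book: it classifies each file by its PEM label and reports a private key that is readable by group or other users. The file names and placeholder PEM bodies are constructed for the demonstration.

```javascript
// Added example: audit the folder that holds the downloaded AWS IoT files.
const fs = require('fs');
const os = require('os');
const path = require('path');

// Classify a file by its PEM label rather than by its extension.
function pemKind(text) {
  const m = /-----BEGIN ([A-Z ]+)-----/.exec(text);
  if (!m) return 'unknown';
  if (m[1] === 'CERTIFICATE') return 'certificate';
  if (m[1].endsWith('PRIVATE KEY')) return 'private-key';
  if (m[1].endsWith('PUBLIC KEY')) return 'public-key';
  return 'unknown';
}

// Return a list of findings for the credential folder (empty means clean).
function auditCredentialDir(dir) {
  const findings = [];
  const seen = new Set();
  for (const name of fs.readdirSync(dir)) {
    const file = path.join(dir, name);
    const stat = fs.statSync(file);
    if (!stat.isFile()) continue;
    const kind = pemKind(fs.readFileSync(file, 'utf8'));
    seen.add(kind);
    // Any group/other permission bit on a private key is a finding.
    if (kind === 'private-key' && (stat.mode & 0o077) !== 0) {
      const mode = (stat.mode & 0o777).toString(8);
      findings.push(`${name}: private key mode ${mode}, expected 600`);
    }
  }
  for (const kind of ['certificate', 'private-key']) {
    if (!seen.has(kind)) findings.push(`missing ${kind} file`);
  }
  return findings;
}

// Constructed sample folder: placeholder PEM bodies, not real credentials.
function makeSampleDir(keyMode) {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'iot-creds-'));
  const pem = (label) =>
    `-----BEGIN ${label}-----\nPLACEHOLDER\n-----END ${label}-----\n`;
  fs.writeFileSync(path.join(dir, 'device.pem'), pem('CERTIFICATE'));
  fs.writeFileSync(path.join(dir, 'private.key'), pem('RSA PRIVATE KEY'));
  fs.chmodSync(path.join(dir, 'private.key'), keyMode);
  return dir;
}

console.log(auditCredentialDir(makeSampleDir(0o644))); // one finding
console.log(auditCredentialDir(makeSampleDir(0o600))); // no findings
```

On a POSIX system, `chmod 600` on the private key file clears the finding; the permission check is not meaningful on Windows file systems.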
The next step is to write a program. We will do so in the next section.
Because AWS IoT applies security to protect its system, we must configure security access for our IoT device before it can use the service. We will perform the following tasks:
- Create a policy
- Attach a policy to the IoT device certificate
- Attach the IoT thing to the certificate
To create a policy on AWS IoT, perform the following steps:
- Click the Policies sub-menu from the Secure menu, as shown in the following screenshot:
- Then, you should see a Create a policy button. Click on this button.
- Fill in your policy name. You should add three policy statements, as follows:
  - iot:Connect
  - iot:Subscribe
  - iot:Publish
- Don't forget to check the Allow checkbox for all the preceding policy statements:
- The next step is to attach the policy we created to the IoT device certificate. You can open Secure | Certificates on AWS IoT Management Console. Click on the ellipsis (…) link so you get a context menu that is shown in the following screenshot. Click on the Attach policy option:
- Then, you get a dialog box. Select your created policy. When done, click on the Attach button to execute this task:
- The last step is to attach our IoT device to the security certificate. Click on the ellipsis (…) on your certificate so you get a context menu. Select the Attach thing option on the context menu:
Now your IoT device has a certificate and policy. You can access AWS IoT through the IoT device.
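The three policy statements created above (iot:Connect, iot:Subscribe, iot:Publish with Allow) also need a resource, and how narrowly it is scoped decides what the certificate can do. The following Node.js sketch is an added example, not code from the book: it builds a policy document scoped to one client ID and topic and lints a wildcard policy next to it. The region, account ID, topic name and the use of the thing name macos-computer as the client ID are assumptions.

```javascript
// Added example: a scoped AWS IoT policy beside a wildcard one.
// REGION, ACCOUNT and the topic name are constructed placeholders.
const REGION = 'us-east-1';
const ACCOUNT = '123456789012';
const arn = (type, name) => `arn:aws:iot:${REGION}:${ACCOUNT}:${type}/${name}`;

// Each action takes its own resource type: client, topic, topicfilter.
function buildThingPolicy(clientId, topics) {
  return {
    Version: '2012-10-17',
    Statement: [
      { Effect: 'Allow', Action: 'iot:Connect',
        Resource: [arn('client', clientId)] },
      { Effect: 'Allow', Action: 'iot:Publish',
        Resource: topics.map((t) => arn('topic', t)) },
      { Effect: 'Allow', Action: 'iot:Subscribe',
        Resource: topics.map((t) => arn('topicfilter', t)) },
    ],
  };
}

// Weak setting (constructed): every action allowed on every resource.
const BROAD_POLICY = {
  Version: '2012-10-17',
  Statement: [
    { Effect: 'Allow',
      Action: ['iot:Connect', 'iot:Subscribe', 'iot:Publish'],
      Resource: '*' },
  ],
};

// Report Allow statements with wildcard actions or wildcard resources.
function lintPolicy(policy) {
  const findings = [];
  policy.Statement.forEach((s, i) => {
    if (s.Effect !== 'Allow') return;
    const actions = [].concat(s.Action);
    const resources = [].concat(s.Resource);
    for (const a of actions) {
      if (a.includes('*')) findings.push(`statement ${i}: wildcard action ${a}`);
    }
    for (const r of resources) {
      if (r === '*' || r.endsWith('/*')) {
        findings.push(`statement ${i}: ${actions.join(', ')} allowed on ${r}`);
      }
    }
  });
  return findings;
}

const scoped = buildThingPolicy('macos-computer', ['sensors/macos-computer/data']);
console.log(JSON.stringify(scoped, null, 2));
console.log(lintPolicy(BROAD_POLICY));
```

With the wildcard policy, any holder of the certificate can connect under any client ID and publish or subscribe to every topic in the account; the scoped policy limits a leaked key to one device's own topic.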