ββββββββββββββββββββββ ββββββββββββββββββββββ
β Example 1 β β Example 2 β
ββββββββββββββββββββββ ββββββββββββββββββββββ
βββββββββββββββββββββββββββββββββ βββββββββββββββββββββββββββββββββ
β β β β
β AWS IoT - MQTT Broker β β AWS IoT - MQTT Broker β
β β β β
βββββββββββββββββββββββββββββββββ βββββββββββββββββββββββββββββββββ
β² β²
β β
β β
βΌ βΌ
βββββββββββββββββββββββββββββββββ βββββββββββββββββββββββββββββββββ
β β β β
β Upparat β β Mosquitto β
β β β β
βββββββββββββββββββββββββββββββββ βββββββββββββββββββββββββββββββββ
β²
β
βββββββββββ΄βββββββββββ
β β
β β
ββββββββββββββββββββ ββββββββββββββββββββ
β β β <Other MQTT β
β Upparat β β Client> β
β β β β
ββββββββββββββββββββ ββββββββββββββββββββ
There are two slightly different examples:
docker-compose run upparat-alpn: Directly connect to AWS from Upparat. This is probably what you want unless you have more than one MQTT client connected to AWS IoT.docker-compose run upparat-bridged: Connect to Mosquitto in bridged mode that is connected to AWS (advanced).
- Create an AWS IoT Thing and download the certificates. We will reference the downloaded files as:
.cert.pem β certfile
.private.key β keyfile
# https://www.amazontrust.com/repository/AmazonRootCA1.pem
AmazonRootCA1.pem.txt β cafile- Create and attach the following policy to the Thing's certificate:
{
"Version": "2012-10-17",
"Statement": [
{
"Action": ["*"],
"Resource": ["*"],
"Effect": "Allow"
}
]
}- Create an S3 bucket and upload a test file (i.e. your firmware file).
- Create a role for the principle
IoTand with the following policy attached:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::your-upparat-jobs-bucket/*"
}
]
}Notes:
- Client Certificate,
--certificate-pem-outfile = certfile
THING_NAME=YOUR_THING_NAME
BROKER=YOUR_BROKER_HOST
cp mosquitto/aws-bridge.conf.tmpl mosquitto/aws-bridge.conf
sed -i -e "s|@THING_NAME@|${THING_NAME}|g" mosquitto/aws-bridge.conf
sed -i -e "s|@BROKER@|${BROKER}|g" mosquitto/aws-bridge.conf
sed -i -e "s|@BASE_DIR@|${PWD}|g" mosquitto/aws-bridge.conf
Notes:
YOUR_THING_NAME: AWS Thing NameBROKER: AWS Broker
Run example:
docker-compose run upparat-bridged
-
Copy upparat/config.ini.tmpl to ./config.ini and replace the
@DEVICE_ID@placeholder:THING_NAME=YOUR_THING_NAME cp upparat/config.ini.tmpl upparat/config.ini sed -i -e "s|@THING_NAME@|${THING_NAME}|g" upparat/config.ini sed -i -e "s|@BASE_DIR@|${PWD}|g" upparat/config.ini -
Start upparat:
upparat -c upparat/config.ini
To use AWS Iot jobs with pre-signed S3 URLs create a S3 bucket and a corresponding role.
- Install AWS CLI
- Deploy stack:
aws cloudformation deploy --template-file upparat-test.yaml --capabilities CAPABILITY_IAM --stack-name upparat-test export UPPARAT_TEST_BUCKET_NAME=`aws cloudformation describe-stacks --stack-name upparat-test --query "Stacks[0].Outputs[?OutputKey=='BucketName'].OutputValue" --output text` export UPPARAT_TEST_ROLE_ARN=`aws cloudformation describe-stacks --stack-name upparat-test --query "Stacks[0].Outputs[?OutputKey=='RoleArn'].OutputValue" --output text`
-
Upload a test file:
export UPPARAT_TEST_FILE="<MY_FILE>" aws s3 cp ${UPPARAT_TEST_FILE} s3://${UPPARAT_BUCKET_NAME}
-
Set the following environment variables and run the script:
export UPPARAT_TEST_THINGS="<COMA-SEPARATED-THING-ARNS>" python aws_jobs.py
aws s3 rm s3://${UPPARAT_BUCKET_NAME} --recursive
aws cloudformation delete-stack --stack-name upparat-test