This section helps you set up your ConnectCore device and create required resources to send, receive, and process messages from the AWS IoT platform.
The goal of this section is to have the awsiot-sample application running in your device. This application monitors the CPU temperature and CPU load and allows you to remotely switch a device LED on and off.
Requirements
-
The AWS IoT prebuilt images.
-
An AWS IoT account. If you do not have one, create an AWS account at https://aws.amazon.com/resources/create-account/.
-
A device connected to the Internet.
1. Program the AWS IoT image
Digi provides pre-built AWS IoT images.
1.1. Update from Linux
If your device is already running from Linux, use the update package (*.swu) to program the firmware:
-
Download the update package:
-
For ConnectCore 6UL SBC Express: https://ftp1.digi.com/support/digiembeddedyocto/3.0/r4/images/ccimx6ulstarter/fb/dey-image-aws-swu-ccimx6ulstarter.swu.
-
For ConnectCore 6UL SBC Pro: https://ftp1.digi.com/support/digiembeddedyocto/3.0/r4/images/ccimx6ulsbc/fb/dey-image-aws-swu-ccimx6ulsbc.swu.
-
-
Follow the steps at Program firmware from Linux.
1.2. Update from U-Boot
Alternatively, you can use U-Boot to program your device:
-
Download the images for each partition:
-
For ConnectCore 6UL SBC Express: from https://ftp1.digi.com/support/digiembeddedyocto/3.0/r4/images/ccimx6ulstarter/fb/.
-
For ConnectCore 6UL SBC Pro: from https://ftp1.digi.com/support/digiembeddedyocto/3.0/r4/images/ccimx6ulsbc/fb/.
-
-
Follow the steps at Program firmware from U-Boot.
2. Register your device in the Thing Registry
Before connecting to AWS IoT, you must have your device in the Thing Registry. To do so, use the AWS IoT console or the AWS Command Line Interface (CLI) and follow the steps in the AWS IoT documentation.
When creating the AWS IoT Policy to attach to the Thing certificates, make sure you authorize your device to perform all the possible AWS IoT operations (connect, publish, receive, subscribe, get/update the shadow). |
To do so, define the policy action as a *
.
Your policy must be similar to the following:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "iot:*", "Resource": "*" } ] }
To learn more about AWS IoT policies, see the AWS IoT developer guide.
3. Install the certificates in the device file system
Your device must establish a secure connection with AWS IoT using X.509 certificates. You must generate these certificates and register them in your AWS account:
-
To create and register the certificates, see the AWS IoT documentation.
-
Install the certificate and private key associated with your device, for example inside the /etc/ssl/certs directory.
~$ scp <root_ca_file_name> root@<ip>:/etc/ssl/certs/ ~$ scp <signed_cert_file_name> root@<ip>:/etc/ssl/certs/ ~$ scp <private_key_file_name> root@<ip>:/etc/ssl/certs/ ~$ sync
-
<root_ca_file_name> is the Verisign root CA server certificate used to authenticate the AWS IoT server. You can download it from https://www.symantec.com/content/en/us/enterprise/verisign/roots/VeriSign-Class%203-Public-Primary-Certification-Authority-G5.pem.
-
<signed_cert_file_name> is the certificate attached to your Thing.
-
<private_key_file_name> is the Thing’s private key.
-
<ip> is your device IP.
-
4. Configure your device Thing
By default, the awsiot-sample application reads the configuration to connect to AWS IoT platform from the /etc/awsiotsdk.conf file. Configure the following settings:
-
thing_name: Thing name that represents your device in your AWS IoT account.
-
host: MQTT host or endpoint, similar to "ABCDEFG1234567.iot.us-west-2.amazonaws.com". You can obtain it from the Settings menu on the navigation bar of the AWS IoT Console.
-
Certificates settings:
-
certs_path: Absolute path of the certificates directory in the device. If you install them under /etc/ssl/certs you do not need to modify it.
-
rootca_filename: Name of the Root CA file located in the configured certs_path.
-
signed_cert_filename: Name of the device signed certificate file located in the configured certs_path.
-
private_key_filename: Name of the device private key file located in the configured certs_path.
-
Issue the sync command after editing the /etc/awsiotsdk.conf file. |
5. Connect to AWS IoT
Once everything is properly configured, you can execute the demo application in the device:
~# awsiot-sample
The device console displays information with every new update:
========================================= Updating shadow... Temperature variation greater than 1C Temperature: 44.512000C CPU Load: 0.000000% LED status: OFF =========================================
Follow these steps to control the LED:
-
Log into your AWS IoT Console.
-
Click Test.
-
Enter # in the Subscription topic text field to subscribe to all topics.
-
In Publish > Specify a topic to publish to, type $aws/things/<thing_name>/shadow/update, where <thing_name> is the thing name of your registered device.
-
To switch on the LED, copy this in the text box:
{ "state" : { "desired" : { "ledON" : true } } }
-
Press Publish to topic to send the message. The LED on the board switches on.
-
To switch off the LED, change "ledON" : true to "ledON" : false and publish the message.
{ "state" : { "desired" : { "ledON" : false } } }