AWS IoT Core

Example for the AWS IoT core application on Synpse
In this tutorial, we will deploy a simple open-source application that collects metrics and send them to AWS IoT Core for further processing. All code for this blog post can be found at:
​https://github.com/synpse-hq/metrics-nats-example-app - Sample metrics application https://github.com/synpse-hq/aws-iot-core-example - AWS IoT Core example
Technologies used
1.​Synpse - manage devices and deploy applications to them
2.​NATS - a lightweight message broker that can run on-prem
3.​AWS IoT Core - message broker between all devices and AWS
Steps:
1.Set up AWS IoT Core
2.Configure rules to forward data into S3 bucket
3.Create AWS device/Thing for Synpse
4.Demo Synpse application from 3 microservices - Metrics collector, NATS broker, example Python app that forwards data to AWS IoT Core
AWS IoT Core 
Inside AWS IoT Core page navigate to Manage sub-page. Create a "Thing" with AWS generated certificates. Download certificates to your workstation. We will need them later.
​
​
AWS IoT S3 page
Inside AWS IoT S3 page, create S3 bucket for metrics to be stored. We gonna use it later
S3 Bucket
Create Act Rule
Back in IoT Core page navigate to  ACT subpage. We will create new Rule for our metrics. Rule creation involved multiple steps, like creating rule itself, granting access with policy and finalizing the setup.
Create policy
Create policy to publish events, and attach to certificate we generated.
Policy we used is as bellow:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "iot:Connect",
        "iot:Receive",
        "iot:Publish",
        "iot:Subscribe"
      ],
      "Resource": "*"
    }
  ]
}
Create plicy
Attach the policy to a certificate, used by "Thing" 
Attach certificate
Get endpoint
You will need endpoint for your IoT Core. You can get it via CLI:
aws iot describe-endpoint
Or navigate  via UI to "Settings":
IoT Core Settings
Deploy Synpse application
We have downloaded certificates in the first step. Let's create Synpse secret with those certificates
synpse secret create aws-cert --file f0bab679b1f8b0adf9049a93c0da2241cad4f8c6dbdc95e35ce4146173f526ae-certificate.pem.crt
synpse secret create aws-key --file f0bab679b1f8b0adf9049a93c0da2241cad4f8c6dbdc95e35ce4146173f526ae-private.pem.key
synpse secret create aws-root-ca --file AmazonRootCA1.pem
Deploy Synpse application. Modify application yaml with your thing endpoint and messaging topic.
synpse deploy -f synpse-aws-example.yaml
where synpse-aws-example.yaml is:
name: AWS-IoT-Core
description: AWS IoT Core Synpse example
scheduling:
  type: Conditional
  selectors:
    aws: iot    
spec:
  containers:
  - name: nats
    image: nats
  - name: app
    image: quay.io/synpse/metrics-nats-example-app
  - name: aws-iot
    image: quay.io/synpse/aws-iot-core-example
    forcePull: true
    args:
      - --endpoint 
      - a243pu5i3wf6nw-ats.iot.us-east-1.amazonaws.com
      - --cert 
      - /server/gateway/certificate.pem  
      - --key 
      - /server/gateway/certificate.key
      - --root-ca 
      - /server/gateway/AmazonRootCA1.pem
      - --topic
      - test/topic
    command: /server/aws.py
    secrets:
      - name: aws-cert
        filepath: /server/gateway/certificate.pem
      - name: aws-key
        filepath: /server/gateway/certificate.key
      - name: aws-root-ca
        filepath: /server/gateway/AmazonRootCA1.pem
Once running, you should see application running and data coming into AWS S3 account
Result
​
At this point, you might thing "This was not as hard as you told us". We did all the steps using AWS Console UI. Github repository contains more detail steps how to achieve same result via CLI. Good luck :)
Examples - Previous
Public Cloud IoT
Azure IoT Hub
Last modified 1yr ago