I am creating an application where I need to connect multiple devices to AWS IoT, but I noticed that only the last device that was connected remains connected. I saw that I was using the same certificates for all devices, and after I created a certificate for each one the problem was solved. However, there will be many devices, and it will be unproductive to keep registering them one by one. I would like to know if there is a solution for multiple devices to remain connected to AWS IoT simultaneously without having to register the certificates one by one.
CodePudding user response:
This mainly comes from: https://iot-device-management.workshop.aws/en/provisioning-options/bulk-provisioning.html.
There are other options (just in time etc...) on the link above.
Create a bulk thing registration task
To create a bulk registration task a role is required that grants permission to access the input file. This role has been already created by CloudFormation and the name of the role has been copied during the setup of the workshop to the shell variable $ARN_IOT_PROVISIONING_ROLE.
aws iot start-thing-registration-task \
--template-body file://~/templateBody.json \
--input-file-bucket $S3_BUCKET \
--input-file-key bulk.json --role-arn $ARN_IOT_PROVISIONING_ROLE
When successful the command returns a taskId. The output looks similar to:
{
    "taskId": "aaaf0a94-b5a9-4bd6-a1f5-cf188322a111"
}
Provisioning templates https://docs.aws.amazon.com/iot/latest/developerguide/provision-template.html
A provisioning template is a JSON document that uses parameters to describe the resources your device must use to interact with AWS IoT. A template contains two sections: Parameters and Resources. There are two types of provisioning templates in AWS IoT. One is used for just-in-time provisioning (JITP) and bulk registration and the second is used for fleet provisioning.
Script to create a provisioning template
https://github.com/aws-samples/aws-iot-device-management-workshop/blob/master/bin/mk-bulk.sh
Create bucket
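# Outside us-east-1 the bucket region must also be given as a LocationConstraint
aws s3api create-bucket \
--bucket bulk-iot-test \
--region ap-northeast-1 \
--create-bucket-configuration LocationConstraint=ap-northeast-1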
Upload bulk.json (if using CloudShell) and copy to S3
Upload bulk.json via the UI
aws s3 cp bulk.json s3://bulk-iot-test
aws s3 ls s3://bulk-iot-test
Create the role to register the things
From CloudFormation template… This is incomplete and needs further refinement.
"DMWSIoTServiceRole": {
    "Type": "AWS::IAM::Role",
    "Properties": {
        "AssumeRolePolicyDocument": {
            "Statement": [ {
                "Effect": "Allow",
                "Principal": {
                    "Service": [ "iot.amazonaws.com" ]
                },
                "Action": [ "sts:AssumeRole" ]
            } ]
        },
        "ManagedPolicyArns": [
            "arn:aws:iam::aws:policy/service-role/AWSIoTThingsRegistration",
            "arn:aws:iam::aws:policy/service-role/AWSIoTLogging",
            "arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess"
        ],
        "Path": "/"
    }
},
Start the thing registration task
# --role-arn takes the ARN of the IAM role that AWS IoT assumes (the role created above),
# not the ARN of an assumed-role session
aws iot start-thing-registration-task \
--template-body file://~/templateBody.json \
--input-file-bucket bulk-iot-test \
--input-file-key bulk.json --role-arn "arn:aws:iam::ACCOUNTID:role/ROLE"
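A preflight check for the bulk.json input file before it is uploaded and the registration task is started, as an added example that is not part of the original answer or the AWS workshop. It assumes the input file holds one JSON object per line supplying the template's parameters; the parameter names (ThingName, SerialNumber, Location, CSR), the sample data and the function check_bulk are constructed for illustration.

```python
import json

# Constructed sample template; only the Parameters section matters for this check.
TEMPLATE = {
    "Parameters": {
        "ThingName": {"Type": "String"},
        "SerialNumber": {"Type": "String"},
        "Location": {"Type": "String", "Default": "WA"},
        "CSR": {"Type": "String"},
    },
    "Resources": {},  # omitted here
}

# Constructed sample bulk.json; CSR bodies are shortened to labels.
BULK = "\n".join([
    '{"ThingName": "dev-001", "SerialNumber": "SN001", "CSR": "csr-for-dev-001"}',
    '{"ThingName": "dev-002", "SerialNumber": "SN002", "CSR": "csr-for-dev-001"}',
    '{"ThingName": "dev-002", "SerialNumber": "SN003", "CSR": "csr-for-dev-003"}',
    '{"ThingName": "dev-004", "CSR": "csr-for-dev-004"}',
    'not json',
])

def check_bulk(template, bulk_text, unique=("ThingName", "CSR")):
    """Return (line_number, problem) pairs for a bulk registration input file."""
    params = template["Parameters"]
    # A parameter without a Default must be supplied on every line.
    required = {name for name, spec in params.items() if "Default" not in spec}
    seen = {key: {} for key in unique}   # value -> first line it appeared on
    problems = []
    for lineno, line in enumerate(bulk_text.splitlines(), start=1):
        if not line.strip():
            continue
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            entry = None
        if not isinstance(entry, dict):
            problems.append((lineno, "not a JSON object"))
            continue
        for name in sorted(required - entry.keys()):
            problems.append((lineno, f"missing parameter {name}"))
        # Two lines sharing a name or CSR would give two devices one identity.
        for key in unique:
            value = entry.get(key)
            if value is not None and value in seen[key]:
                problems.append((lineno, f"{key} repeats line {seen[key][value]}"))
            elif value is not None:
                seen[key][value] = lineno
    return problems
```

An empty result means every line supplies the required parameters and no two devices share a thing name or CSR.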