AWS configurations

Overall Architecture

This diagram shows the components of the solution and how they interact.

images/awsdeploy-designer.png

  1. The user is authenticated by the OpenID Connect server.
  2. The user accesses the IoT Hub Portal with the OAuth 2.0 token.
  3. The IoT Hub portal uses the AWS IoT REST API to retrieve the data.
  4. The IoT Hub portal uses the AWS S3 storage to store the device models configuration (Images, Commands, etc.).
  5. The IoT Hub portal synchronizes its data with the IoT Hub to provide a consistent view of the data.

Quick Start

Prerequisites

  • You must have an AWS Account. Get an AWS Free account to get started.
  • You must enable Fleet Indexing for registry and shadow.
    Using AWS CLI:

    Bash Session
    aws iot update-indexing-configuration --thing-indexing-configuration thingIndexingMode=REGISTRY_AND_SHADOW
    

    You need the necessary permissions to run this command. Make sure your AWS IAM user or role is allowed to access and modify the IoT indexing configuration.

Deployed Resources

The template deploys the following resources in your AWS account:

  • AWS RDS - Database for PostgreSQL
  • AWS S3 Bucket
  • AWS App Runner Service

Instructions

  1. Choose a stack name for your AWS Deployment.

  2. Follow the steps below to start your deployment:

    1. Click the button below to download the AWS template:
      Download the template

    2. Import your template:
      From the AWS console: CloudFormation new stack
      - You can change the deployment region by changing the region directly in the URL
      - In "Upload a template file" import the previously downloaded file
      With AWS CLI:

      Bash Session
      aws cloudformation deploy --template-file /path_to_template/awsdeploy.yml --stack-name your-stack-name --region your-region
      

      See https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-cli-deploy.html for more options for aws cloudformation deploy.

  3. You will get to a page asking you to fill the following fields:

    • Stack Name: The name of the stack that will contain all the template resources. Choose a meaningful name.
    • PostgreSQL user: The PostgreSQL user name to be used for the IoT Hub Portal database.
    • PostgreSQL password: The PostgreSQL password to be used for the IoT Hub Portal database.
    • AWS Access Key: The AWS Access Key of your AWS environment.
    • AWS Access Secret Key: The AWS Access Secret Key of your AWS environment.
    • Api Client Id: The ID of the API client that will be used to authenticate the portal.
    • Client Id: The ID of the web client that will be used to authenticate the portal.
    • Open Id Authority: The OpenID authority used by the portal.
    • OpenId Metadata URL: The OpenID metadata URL used by the portal.
    • OpenId Scope Name: The OpenID scope name.

Configurations

These settings are used to access the AWS cloud platform. You have to enter them in a JSON file to be able to connect to the IoT Hub Portal. Here is a template of such a JSON file.

JSON
{
  "CloudProvider": "AWS",
  "AWS:Access": "<ACCESS_KEY>",
  "AWS:AccessSecret": "<ACCESS_SECRET_KEY>",
  "AWS:Region": "<REGION_KEY>",
  "AWS:BucketName": "<BUCKET_NAME>",  
  "AWS:AccountId": "<ACCOUNT_IDENTIFIER>",
  "AWS:GreengrassRequiredRoles:<ID>": "<GREENGRASS_ROLE_NAME>",
  "OIDC:Scope": "<SCOPE>",
  "OIDC:MetadataUrl": "<METADATA_URL>",
  "OIDC:ClientId": "<CLIENT_ID>",
  "OIDC:Authority": "<AUTHORITY>",
  "OIDC:ApiClientId": "<API_CLIENT_ID>",
  "PostgreSQL:ConnectionString": "<POSTGRE_SQL_CONNECTION_STRING>"
}

Note: You must replace all values in the brackets with your own AWS settings. If you can't find them in the AWS Portal, please contact an administrator of this project for more information.
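
A pre-start check for this settings file, as an added example that is not part of the IoT Hub Portal project: it reports template keys that are missing or still hold a `<...>` placeholder, applies basic format checks, and flags a file that other local users can access, since it stores the AWS secret key and the database connection string. The function names and the individual checks are assumptions of this example.

```python
import json, os, re, stat, sys

# Keys from the template on this page; the Greengrass role key is left out
# because its <ID> suffix varies per deployment.
REQUIRED = [
    "CloudProvider", "AWS:Access", "AWS:AccessSecret", "AWS:Region",
    "AWS:BucketName", "AWS:AccountId", "OIDC:Scope", "OIDC:MetadataUrl",
    "OIDC:ClientId", "OIDC:Authority", "OIDC:ApiClientId",
    "PostgreSQL:ConnectionString",
]
PLACEHOLDER = re.compile(r"<[^<>]*>")  # e.g. "<ACCESS_KEY>" left unchanged

def check_settings(cfg):
    """Return findings for a parsed settings dict; an empty list means clean."""
    findings, ok = [], {}
    for key in REQUIRED:
        value = str(cfg.get(key) or "").strip()
        if not value:
            findings.append(f"{key}: missing or empty")
        elif PLACEHOLDER.fullmatch(value):
            findings.append(f"{key}: placeholder not replaced")
        else:
            ok[key] = value
    if ok.get("CloudProvider", "AWS") != "AWS":
        findings.append("CloudProvider: expected AWS")
    if "AWS:AccountId" in ok and not re.fullmatch(r"\d{12}", ok["AWS:AccountId"]):
        findings.append("AWS:AccountId: expected 12 digits")
    if "AWS:Region" in ok and not re.fullmatch(r"[a-z]{2}(-[a-z]+)+-\d", ok["AWS:Region"]):
        findings.append("AWS:Region: not a region code such as eu-west-1")
    for key in ("OIDC:MetadataUrl", "OIDC:Authority"):
        if key in ok and not ok[key].lower().startswith("https://"):
            findings.append(f"{key}: should use https")
    return findings

def check_file(path):
    """Check the file's contents, then the permissions guarding its secrets."""
    with open(path, encoding="utf-8") as fh:
        findings = check_settings(json.load(fh))
    if os.name == "posix" and stat.S_IMODE(os.stat(path).st_mode) & 0o077:
        findings.append(f"{path}: accessible by group/others, chmod 600")
    return findings

if __name__ == "__main__":
    problems = check_file(sys.argv[1])
    print("\n".join(problems) or "no findings")
    sys.exit(1 if problems else 0)
```

Run it with the path to the settings file as its only argument; it exits non-zero when there is anything to fix.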

You are now ready to start your IoT Hub Portal development!