Create AWS IoT Core Things using AWS SDK
--
AWS IoT Core is a highly scalable platform for IoT devices. I automated the creation of Certificates, Things, and Attaching policy using AWS SDK with the below steps.
Step 1:
I created an IAM user with programmatic access and attached the AWSIoTFullAccess policy.
Step 2:
We will need to create Security Policy that can be attached to Certificates created for every device.
I have made a policy so that, the device can only connect using its ThingName as clientId, can subscribe or publish to topics starting from its ThingName.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "iot:Connect",
"Resource": "*",
"Condition": {
"Bool": {
"iot:Connection.Thing.IsAttached": [
"true"
]
},
"ForAnyValue:StringEquals": {
"iot:ClientId": [
"${iot:Connection.Thing.ThingName}"
]
}
}
},
{
"Effect": "Allow",
"Action": "iot:Publish",
"Resource": "arn:aws:iot:ap-south-1:021265781496:topic/${iot:Connection.Thing.ThingName}/*"
},
{
"Effect": "Allow",
"Action": "iot:Subscribe",
"Resource": "arn:aws:iot:ap-south-1:021265781496:topicfilter/${iot:Connection.Thing.ThingName}/*"
},
{
"Effect": "Allow",
"Action": "iot:Receive",
"Resource": "arn:aws:iot:ap-south-1:021265781496:topic/${iot:Connection.Thing.ThingName}/*"
}
]
}
Step 3:
Code flow:
- We create a certificate for the device using the createKeysAndCertificate method.
- Attach policy to the certificate
- Create AWS IoT Core Thing
- Attach Certificate To Thing
Result:
The certificate which we just created is attached to Policy and Thing.
Output on the console:
Source Code: https://github.com/riddheshganatra/iotcore-createthings
Demo: https://www.loom.com/share/69b18339147742578bb82e635259b118
Share this with anybody you think would benefit from this. Have any suggestions? Feel free to message me on LinkedIn.