国内亚马逊AWS官网: https://www.amazonaws.cn
物联网(IoT)控制台: https://cn-northwest-1.console.amazonaws.cn/iot/home
安全凭证是开发者通过程序与亚马逊服务进行通讯的必要参数
登录控制台之后,点击右上角账号,选择「我的安全凭证」按钮即可查看账号秘钥信息
访问秘钥的私钥只有在创建的时候可见,创建完成之后就无法再查看到,需要在创建时对私钥进行妥善保存
开发者在连接亚马逊的 IoT 服务时,需要指定设备的终端节点。亚马逊服务在全拥有众多的服务节点,根据服务所在区域选择对应的终端节点。开发者所连接的终端节点与个人账号有绑定关系,每一个开发者用户连接的节点信息都是独一无二的。
操作: 打开 IoT 控制台 -> 点击「设置」按钮,即可查看终端节点信息
IoT管理界面 -> 管理 -> 类型
IoT 管理界面 -> 安全 -> 策略
策略参考文档
策略示例:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"iot:Connect"
],
"Resource": [
"arn:aws:iot:us-west-2:57EXAMPLE833:client/uniqueThingName"
]
},
{
"Effect": "Allow",
"Action": [
"iot:Publish"
],
"Resource": [
"arn:aws:iot:us-west-2:57EXAMPLE833:topic/test/dc/pubtopic",
"arn:aws:iot:us-west-2:57EXAMPLE833:topic/$aws/events/job/*",
"arn:aws:iot:us-west-2:57EXAMPLE833:topic/$aws/events/jobExecution/*",
"arn:aws:iot:us-west-2:57EXAMPLE833:topic/$aws/things/uniqueThingName/jobs/*"
]
},
{
"Effect": "Allow",
"Action": [
"iot:Subscribe"
],
"Resource": [
"arn:aws:iot:us-west-2:57EXAMPLE833:topicfilter/test/dc/subtopic",
"arn:aws:iot:us-west-2:57EXAMPLE833:topic/$aws/events/jobExecution/*",
"arn:aws:iot:us-west-2:57EXAMPLE833:topicfilter/$aws/things/uniqueThingName/jobs/*"
]
},
{
"Effect": "Allow",
"Action": [
"iot:Receive"
],
"Resource": [
"arn:aws:iot:us-west-2:57EXAMPLE833:topic/test/dc/subtopic",
"arn:aws:iot:us-west-2:57EXAMPLE833:topic/$aws/things/uniqueThingName/jobs/*"
]
},
{
"Effect": "Allow",
"Action": [
"iot:DescribeJobExecution",
"iot:GetPendingJobExecutions",
"iot:StartNextPendingJobExecution",
"iot:UpdateJobExecution"
],
"Resource": [
"arn:aws:iot:us-west-2:57EXAMPLE833:topic/$aws/things/uniqueThingName"
]
}
]
}IoT 管理界面 -> 管理 -> 物品
IoT 管理界面 -> 安全 -> 证书
IoT 管理界面 -> 消息路由 -> 规则
规则用途示例: 使用规则监听 IoT 设备的生命周期事件,从而可以准确得知设备的在线状态以及设备订阅情况
IoT 规则参考文档:
规则创建操作示例:
IoT 管理平台 -> 测试 -> MQTT 测试客户端
