Enhancement Request: Add support for AWS IoT MQTT server #6
Have you actually set up the cert and key needed for this, and attempted to connect using the sample scripts in the SDK? I'm having some problems there, and also in the plugin code that I've added. Executing this works. I see messages from the test endpoint.
But as soon as I add a topic to the command:
It fails:
Separately, when I try to connect from the new plugin version, it just times out:
I'm currently using the non-Async calls, as I don't mind the plugin startup being delayed while the connection is made.
Never mind. My Google-fu finally came back. Turns out that the default security policy that AWS creates is VERY restrictive. I fixed that and now both the sample app and plugin are working. I think.
Test release available. https://github.com/FlyingDiver/Indigo-MQTT/releases/tag/0.3.0
Released in 0.3.0.
As a user of Indigo and this plugin, I want to use Amazon's AWS IoT Core as my MQTT server, instead of running my own.
Amazon's AWS IoT web console is here:
https://us-east-1.console.aws.amazon.com/iot/home
There is a specific Python MQTT client class that Amazon provides (AWSIoTMQTTClient) for connecting to their backend. It is based on the Paho MQTT client. There are examples of using this client within the repo:
https://github.com/aws/aws-iot-device-sdk-python
This AWS IoT client requires
This is what connecting with the AWS IoT client looks like using one of the examples from their repo. In this example, basicPubSub.py uses a default port if one is not passed in:
python basicPubSub.py -e xxxxxxxxxxxxxx-ats.iot.us-east-1.amazonaws.com -r root-CA.crt -c device.cert.pem -k device.private.key
Where xxxxxxxxxxxxxx-ats.iot.us-east-1.amazonaws.com is your personal AWS IoT Endpoint, found under the Settings of the AWS IoT web console. Settings can be accessed from the lower left navigation panel. The certs are generated from the AWS IoT web console when you Onboard a new device/thing.
From the AWS IoT web console:
1. Onboard a new Thing/Device that will represent Indigo. Pick your OS and Language - Linux/MacOS and Python in this case.
   The important part of this step is to generate the X.509 certificates that will be associated with your "device" aka Indigo. These certificates are required in order to get the AWS IoT MQTT client to talk to your personalized AWS IoT MQTT Endpoint.
2. Create a new Policy and attach it to your Certificate generated in step 1. The policy will look something like:

To find <your-account-id> try using their Policy wizard to 'Add a Statement' to your new Policy. It should automatically populate the ARN with your account Id when you pick an Action.

Think of the X.509 certificates as Authentication and the attached Policy as Authorization.
A single AWS IoT Device or Thing can publish to any topic on the global Endpoint, assuming it is allowed by the attached Policy. This should allow a single AWS IoT Thing representing Indigo to publish and subscribe to a sufficient number of unique topics to express all devices, actions, and variables, as needed.
It can be a little confusing to navigate the AWS IoT web console, but keep poking around and you'll find what you need.
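Added example, not part of the original issue or of the plugin's code: a small offline checker for the authorization side described above, listing which MQTT operations a policy attached to the certificate would deny before you try them against the endpoint. The account id, client ids, topics and both policies are constructed placeholders, and the matcher is a simplification that handles only Action/Resource wildcards, not Condition blocks or policy variables.

```python
import re

# Constructed placeholders: account id, client ids and topics are not from the issue.
ARN = "arn:aws:iot:us-east-1:123456789012"

def stmt(actions, resource, effect="Allow"):
    return {"Effect": effect, "Action": actions, "Resource": f"{ARN}:{resource}"}

# Narrow policy: one client id and one test topic only.
RESTRICTIVE = {"Version": "2012-10-17", "Statement": [
    stmt(["iot:Connect"], "client/basicPubSub"),
    stmt(["iot:Publish", "iot:Receive"], "topic/sdk/test/Python"),
    stmt(["iot:Subscribe"], "topicfilter/sdk/test/Python"),
]}

# Policy scoped to an assumed "indigo/" topic prefix for the plugin.
INDIGO = {"Version": "2012-10-17", "Statement": [
    stmt(["iot:Connect"], "client/indigo-plugin"),
    stmt(["iot:Publish", "iot:Receive"], "topic/indigo/*"),
    stmt(["iot:Subscribe"], "topicfilter/indigo/*"),
]}

def wild(pattern, value):
    """Policy wildcard match: '*' is any run of characters, '?' is one character."""
    rx = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(rx, value) is not None

def allowed(policy, action, resource):
    """Default deny: an Allow must match, and any matching Deny overrides it."""
    verdict = False
    for s in policy["Statement"]:
        if any(wild(a, action) for a in s["Action"]) and wild(s["Resource"], resource):
            if s["Effect"] == "Deny":
                return False
            verdict = True
    return verdict

def missing(policy, client_id, publish=(), subscribe=(), receive=()):
    """Return the (action, resource) pairs a session needs that the policy denies."""
    need = [("iot:Connect", f"{ARN}:client/{client_id}")]
    need += [("iot:Publish", f"{ARN}:topic/{t}") for t in publish]
    need += [("iot:Subscribe", f"{ARN}:topicfilter/{f}") for f in subscribe]
    need += [("iot:Receive", f"{ARN}:topic/{t}") for t in receive]
    return [(a, r) for a, r in need if not allowed(policy, a, r)]

if __name__ == "__main__":
    for a, r in missing(RESTRICTIVE, "basicPubSub", publish=["indigo/devices/lamp"],
                        subscribe=["indigo/#"], receive=["indigo/devices/lamp"]):
        print("denied:", a, r)
```

Subscribing needs `iot:Subscribe` on a `topicfilter/` resource and delivery needs `iot:Receive` on a `topic/` resource, so a policy that grants only one of the two still produces a silent subscription.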