AWS IoT - Best of re:Invent Tel Aviv
TRANSCRIPT
![Page 1: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/1.jpg)
© 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Oren Katz
AWS IoT Overview
![Page 2: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/2.jpg)
Connecting devices to cloud applications requires undifferentiated heavy lifting.
• Many SDKs & Tools
• Alternate Protocols
• Scalability & Noise/Signal
• Security & Management
• Integration with Cloud and Mobile Apps and Analytics
![Page 3: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/3.jpg)
AWS IoT
DEVICE SDK: Set of client libraries to connect, authenticate and exchange messages
MESSAGE BROKER: Communicate with devices via MQTT and HTTP
AUTHENTICATION / AUTHORIZATION: Secure with mutual authentication and encryption
RULES ENGINE: Transform messages based on rules and route to AWS Services
AWS Services / 3P Services
SHADOW: Persistent thing state during intermittent connections
APPLICATIONS
AWS IoT API
REGISTRY: Identity and Management of your things
![Page 4: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/4.jpg)
AWS IoT Message Broker
MESSAGE BROKER: Communicate with devices via MQTT and HTTP
![Page 5: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/5.jpg)
AWS IoT Message Broker
Standard Protocol Support (no lock-in)
Millions of devices and apps can connect over any protocol starting with MQTT and HTTP 1.1
Long-lived bi-directional messages
Clients (Devices and Apps) can receive commands and control signals from the cloud
Secure by Default
Connect securely via X509 Certs and TLS 1.2 Client Mutual Auth
Topic Based Architecture (lights/thing-2/color)
Highly Scalable Message Broker
![Page 6: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/6.jpg)
MQTT
MQTT vs HTTPS:
• 93x faster throughput
• 11.89x less battery to send
• 170.9x less battery to receive
• 50% less power to keep connected
• 8x less network overhead
Source: http://stephendnicholas.com/archives/1217
• OASIS standard protocol (v3.1.1)
• Lightweight, pub-sub, transport protocol that is useful for connected devices
• MQTT is used on oil rigs, connected trucks, and many more sensitive and resource-sensitive scenarios.
• Customers have needed to build, maintain and scale a broker to use MQTT with cloud applications
![Page 7: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/7.jpg)
AWS IoT Message Broker: Managed Service
Highly Scalable Message Broker
Millions of devices sending billions of messages
Subscribers / Publishers
![Page 8: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/8.jpg)
AWS IoT Security: Authentication and Authorization
AUTHENTICATION / AUTHORIZATION: Secure with mutual authentication and encryption
![Page 9: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/9.jpg)
Security
Secure Communications with Things
- Single API call to CreateKeysAndCertificate()
- Client Generated CreateCertificateFromCSR(CSR)
Fine-grained Authorization for:
- Thing Management
- Pub/Sub Data Access
- AWS Service Access
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": ["iot:Publish"],
      "Resource": ["arn:aws:iot:us-east-1:123456972007:topic/foo"]
    },
    {
      "Effect": "Allow",
      "Action": ["iot:Subscribe"],
      "Resource": ["arn:aws:iot:us-east-1:123456972007:topicfilter/foo/bar/*"]
    }
  ]
}
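How the policy above evaluates for a few requests, as an added example that is not part of the original slides or AWS's own code: a minimal evaluator assuming IAM-style matching, where `*` and `?` are policy wildcards and the MQTT wildcards `+` and `#` are literal characters. The helper names (`is_allowed`, `check`) and the sample requests are constructed for illustration.

```python
import re

# The policy shown on the slide (account ID and topics are the slide's own values).
POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["iot:Publish"],
         "Resource": ["arn:aws:iot:us-east-1:123456972007:topic/foo"]},
        {"Effect": "Allow", "Action": ["iot:Subscribe"],
         "Resource": ["arn:aws:iot:us-east-1:123456972007:topicfilter/foo/bar/*"]},
    ],
}
ARN_PREFIX = "arn:aws:iot:us-east-1:123456972007:"

def _pattern(policy_value):
    """Policy wildcards: '*' = any run of characters, '?' = one character.
    Everything else, including the MQTT wildcards '+' and '#', is literal."""
    parts = (".*" if c == "*" else "." if c == "?" else re.escape(c) for c in policy_value)
    return re.compile("".join(parts))

def is_allowed(policy, action, resource_arn):
    """Explicit Deny wins, then any matching Allow; otherwise implicit deny."""
    decision = False
    for stmt in policy["Statement"]:
        if not any(_pattern(a).fullmatch(action) for a in stmt["Action"]):
            continue
        if not any(_pattern(r).fullmatch(resource_arn) for r in stmt["Resource"]):
            continue
        if stmt["Effect"] == "Deny":
            return False
        decision = True
    return decision

def check(action, kind, topic):
    """kind is the ARN resource type: 'topic', 'topicfilter' or 'client'."""
    return is_allowed(POLICY, action, f"{ARN_PREFIX}{kind}/{topic}")

if __name__ == "__main__":
    for action, kind, topic in [  # constructed sample requests
        ("iot:Publish", "topic", "foo"),
        ("iot:Publish", "topic", "foo/bar"),
        ("iot:Subscribe", "topicfilter", "foo/bar/#"),
        ("iot:Subscribe", "topicfilter", "#"),
        ("iot:Connect", "client", "thing-2"),
    ]:
        print(f"{action:14} {kind}/{topic:10} -> {'ALLOW' if check(action, kind, topic) else 'DENY'}")
```

The policy as shown grants no `iot:Connect`, so the last request falls through to the implicit deny.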
![Page 10: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/10.jpg)
AWS IoT Rules Engine
RULES ENGINE: Transform messages based on rules and route to AWS Services
![Page 11: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/11.jpg)
AWS IoT Rules Engine Basics
Simple & Familiar Syntax
- SQL Statement to define topic filter
- Optional WHERE clause
- Advanced JSON support
Functions improve signal : noise
- String manipulation (regex support)
- Mathematical operations
- Context based helper functions
- Crypto support
- UUID, Timestamp, rand, etc.
SELECT * FROM 'things/thing-2/color'
WHERE color = 'red'
![Page 12: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/12.jpg)
AWS IoT Rules Engine’s Flexibility
{
  "sql": "SELECT *, clientId() as MQTTClientId FROM 'one/rule' WHERE startsWith(topic(2), 'IME33') AND (state = 'INIT' OR hydro_temp > surface_temp)",
  "actions": [{
    "republish": {
      "topic": "controllers/${substring(topic(3), 3, 5)}"
    }
  }]
}
![Page 13: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/13.jpg)
AWS IoT Rules Engine
Complex Evaluations
Respond to the fleet, not just a single unit. Dozens of functions() available
Multiple / Simultaneous Actions
Sometimes a situation requires you to take many actions
![Page 14: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/14.jpg)
AWS IoT Rules Engine Actions
RULES ENGINE: Transform messages based on rules and route to AWS Services
AWS Services / 3P Services
![Page 15: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/15.jpg)
Rules Engine Actions
AWS IoT Rules Engine
Rules Engine connects AWS IoT to External Endpoints and AWS Services.
1. AWS Services (Direct Integration)
2. Rest of AWS (via Kinesis, Lambda, S3, and more)
3. External Endpoints (via Lambda and SNS)
Services shown: Lambda, SNS, SQS, S3, Kinesis, DDB, RDS, Redshift, Glacier, EC2
![Page 16: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/16.jpg)
AWS IoT Rules Engine
Rules Engine evaluates inbound messages published into AWS IoT, transforms and delivers to the appropriate endpoint based on business rules.
External endpoints can be reached via Lambda and Simple Notification Service (SNS).
Actions
• Invoke a Lambda function
• Put object in an S3 bucket
• Insert, Update, Read from a DynamoDB table
• Publish to an SNS Topic or Endpoint
• Publish to a Kinesis stream
• Amazon Firehose
• Republish to AWS IoT
![Page 17: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/17.jpg)
AWS IoT Rules Engine for Machine Learning
Anomaly Detection
Amazon Machine Learning can feed predictive evaluation criteria to the Rules Engine
Continuous Improvement around Prediction
Continuously look for outliers and re-calibrate the Machine Learning models
Diagram: Send to S3, Amazon Machine Learning, Re-Train
![Page 18: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/18.jpg)
AWS IoT Rules Engine & Stream Data
N:1 Inbound Streams of Sensor Data (Signal to Noise Reduction)
Rules Engine filters, transforms sensor data then sends aggregate to Amazon Kinesis
Kinesis Streams to Enterprise Applications
Simultaneously stream processed data to databases, applications, other AWS Services
Ordered Stream
![Page 19: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/19.jpg)
AWS IoT Rules Engine & Amazon SNS
Push Notifications
Apple APNS Endpoint, Google GCM Endpoint, Amazon ADM Endpoint, Windows WNS
Amazon SNS -> HTTP Endpoint (Or SMS or Email)
Call HTTP based 3rd party endpoints through SNS with subscription and retry support
![Page 20: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/20.jpg)
AWS IoT Thing Shadow
THING SHADOW: Persistent thing state during intermittent connections
APPLICATIONS
![Page 21: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/21.jpg)
AWS IoT Thing Shadow
Shadow
![Page 22: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/22.jpg)
AWS IoT Shadow Flow
Shadow
Device SDK
1. Device Publishes Current State
2. Persist JSON Data Store
3. App requests device’s current state
4. App requests change the state
5. Device Shadow syncs updated state
6. Device Publishes Current State
7. Device Shadow confirms state change
AWS IoT
![Page 23: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/23.jpg)
AWS IoT Shadow - Simple Yet Powerful
{
  "state" : {
    "desired" : {
      "lights": { "color": "RED" },
      "engine" : "ON"
    },
    "reported" : {
      "lights" : { "color": "GREEN" },
      "engine" : "ON"
    },
    "delta" : {
      "lights" : { "color": "RED" }
    }
  },
  "version" : 10
}
Thing
- Report its current state to one or multiple shadows
- Retrieve its desired state from shadow
Mobile App
- Set the desired state of a device
- Get the last reported state of the device
- Delete the shadow
Shadow
- Shadow reports delta, desired and reported states along with metadata and version
![Page 24: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/24.jpg)
AWS IoT Registry
THING REGISTRY: Identity and Management of your things
![Page 25: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/25.jpg)
AWS IoT Registry
• key: value
• Firmware version
• Serial Numbers
• Support and Maintenance
• Reference Manual URL
• Part # reference
• Reference to external support system
![Page 26: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/26.jpg)
AWS IoT – Device Management
S3 Holds Versioned Firmware Distributions
Organize and secure your firmware binaries in S3
Message Broker notifies groups of the fleet using Topic Patterns
Alert the fleet (or part of it) of the update, and send the URL to the S3 download
Firmware Update Stored in S3
Publish to groups of devices
• Ability to update globally or within a Region
• Rules Engine keeps state of updates and tracks progress in a DynamoDB Table
• Store Version in Registry Entry
![Page 27: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/27.jpg)
![Page 28: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/28.jpg)
Get Started with AWS IoT Device SDK
• C-SDK (Ideal for embedded OS)
• JS-SDK (Ideal for Embedded Linux Platforms)
• Arduino Library (Arduino Yun)
• Mobile SDK (Android and iOS)
![Page 29: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/29.jpg)
Official IoT Starter Kits, Powered by AWS
![Page 30: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/30.jpg)
Official IoT Starter Kits on Variety of Platforms
• Broadcom WICED BCM4343W on ThreadX/NetX
• Marvell EZConnect MW302 on FreeRTOS
• Renesas RX63N on Micrium OS
• TI CC3200 on TI-RTOS
• Microchip WCM PIC32 Platform
• Intel Edison on Yocto Linux
• Mediatek LinkOne on Linkit OS
• Dragonboard 410c on Ubuntu
• Seeeduino Arduino on openWRT
• Beaglebone Green on Debian
![Page 31: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/31.jpg)
AWS IoT Always Growing Ecosystem Partners
IoT Systems Integrators
IoT Communication
IoT Management Platform
IoT Analytics Platform
IoT Operating Systems
NDA
![Page 32: AWS IoT - Best of re:Invent Tel Aviv](https://reader034.vdocument.in/reader034/viewer/2022042611/58f2d5321a28ab07698b4579/html5/thumbnails/32.jpg)