This is an example project showing how to abuse AWS IOT Gateway to create a massively-scalable online chat system using a static HTML page.
IOT Gateway supports websockets, which can be used to connect browsers directly to a message queue, and send and receive messages on hierarchical topics. In this case, we're allowing anonymous users to subscribe to any topic starting with /chat/ (check the unauthenticated policy for more information). The security is enforced using normal AWS IAM policies, and provided through AWS Cognito authentication, which allows us to assign IAM policies to unauthenticated users.
The result is a chat that allows anonymous users to exchange messages through hierarchical chat topics, without any active server components we need to maintain.
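As an added example (not part of the original project), here is a small Node.js check for the kind of policy described above: it flags any Allow statement that would let the unauthenticated role publish, receive or subscribe outside the chat prefix. The function name, the sample policies and the ARN layout for the literal /chat/ prefix are assumptions for illustration; compare the result against the project's actual unauthenticated policy.

```javascript
// Added example: audit a policy intended for the Cognito unauthenticated role.
// Resource type each IoT action is checked against.
const EXPECTED_TYPE = {
  "iot:Connect": "client",
  "iot:Publish": "topic",
  "iot:Receive": "topic",
  "iot:Subscribe": "topicfilter",
};
const asList = (v) => (v === undefined ? [] : Array.isArray(v) ? v : [v]);

function auditAnonymousPolicy(policy, topicPrefix) {
  const findings = [];
  asList(policy.Statement).forEach((stmt, i) => {
    if (stmt.Effect !== "Allow") return;
    if (stmt.NotAction || stmt.NotResource) {
      findings.push(`statement ${i}: NotAction/NotResource in an Allow`);
      return;
    }
    for (const action of asList(stmt.Action)) {
      const type = EXPECTED_TYPE[action];
      if (type === undefined) { // also catches "*" and "iot:*"
        findings.push(`statement ${i}: ${action} is not needed by a chat client`);
        continue;
      }
      if (type === "client") continue; // client-id scoping is not checked here
      for (const arn of asList(stmt.Resource)) {
        // ARN layout: arn:aws:iot:<region>:<account>:<type>/<name>
        const resource = String(arn).split(":").slice(5).join(":");
        const name = resource.startsWith(type + "/") ? resource.slice(type.length + 1) : null;
        if (name === null || !name.startsWith(topicPrefix)) {
          findings.push(`statement ${i}: ${action} on ${arn} is outside ${type}/${topicPrefix}`);
        }
      }
    }
  });
  return findings;
}

// Constructed sample policies. The topic prefix /chat/ has a leading slash,
// so the ARN reads topic//chat/*.
const SCOPED = { Version: "2012-10-17", Statement: [
  { Effect: "Allow", Action: "iot:Connect", Resource: "*" },
  { Effect: "Allow", Action: ["iot:Publish", "iot:Receive"], Resource: "arn:aws:iot:*:*:topic//chat/*" },
  { Effect: "Allow", Action: "iot:Subscribe", Resource: "arn:aws:iot:*:*:topicfilter//chat/*" },
]};
const BROAD = { Version: "2012-10-17", Statement: [
  { Effect: "Allow", Action: "iot:*", Resource: "*" },
  { Effect: "Allow", Action: "iot:Subscribe", Resource: "arn:aws:iot:*:*:topicfilter/*" },
]};
```

An empty result means every topic action in the policy stays under the given prefix; each finding names the statement index and the offending action or resource.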
aws iot describe-endpoint --query endpointAddress --output text

For unauthenticated access, do the following when creating the identity pool:
- enable access to unauthenticated identities
- no need to attach authentication providers
- on the 'Your Cognito identities require access to your resources' screen, open up the 'Show details' dropdown and adjust role names if you want
- go to IAM, then add the unauthenticated policy to your unauthenticated access role
- create ./env/<ENV NAME>.json for your environment, with
{
  "iotGatewayName": "<YOUR IOT GATEWAY NAME>",
  "cognitoIdentityPoolId": "<YOUR COGNITO IDENTITY POOL ID>"
}

- create dev.json in ./env as described in the Configuring section
- npm run rebuild
- npm run serve-dev

- create production.json in ./env
- npm run rebuild --serverless-chat:buildenv=production
- upload the site folder somewhere
Check out src/util/post-message.js to see how you can also post messages directly to chat channels (e.g. a system notification, or replying to messages from a Lambda function).
- Add sender info
- authenticated access
- automated config
- Connection keep-alive/reconnect
- Paho MQTT Client for JavaScript - used to connect to the IoT Gateway
- AWS IOT Platform