Philly AWS Users Group March 2025 - AWS IoT Core

Philly AWS IoT Core

AWS IoT Core presentation on 2025-03-19.

Slides - https://don.github.io/slides/2025-03-19-phllly-aws-iot-core.pdf

If you need a Raspberry Pi Pico W to run the code, you can buy them at Microcenter in St Davids, PA.

Use cloud_formation.yml to create a stack that sets up the policies and creates the DynamoDB table.

Create a CSR and key for device_01 using openssl. Note that the CN in the CSR must match the device name if you're using the ThingPolicy.

cd rpi_pico
openssl req -newkey rsa:2048 -subj "/CN=device_01" -keyout key.pem -out device.csr -nodes

In AWS IoT Core, under All Devices -> Things, create a new Thing. Name the thing device_01. Upload the CSR from your local file system. Attach the ThingPolicy in the AWS UI. Once the Thing is created, click on the notification to view the certificate. Activate the certificate using Actions -> Activate. Download the certificate with Actions -> Download.

Copy the certificate into the rpi_pico directory, renaming it to cert.pem. Note that your certificate will have a different name than the one in my example.

cp ~/Downloads/0d3ee8b271da0a8571d55f-certificate.pem.crt cert.pem

The MQTT client we're using needs the certificate and key to be in DER format. Use openssl to convert the PEM files to DER.

openssl x509 -in cert.pem -out cert.der -outform DER
openssl pkey -in key.pem -out key.der -outform DER
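
Before copying anything to the board, you can confirm that the CSR carries the expected CN and that the downloaded certificate belongs to your key, in both PEM and DER form. The script below is an added example, not part of the original repository; the function names and the script name preflight.sh are hypothetical, and it assumes the file names used in the steps above.

```bash
#!/usr/bin/env bash
# preflight.sh (hypothetical name): added example, not from the repository.
# Usage: bash preflight.sh device_01 rpi_pico

# Print the CN from the subject of a PEM CSR.
csr_cn() {
    openssl req -in "$1" -noout -subject -nameopt RFC2253 |
        sed 's/^subject= *//' | tr ',' '\n' | sed -n 's/^CN=//p' | head -n 1
}

# Succeed when a certificate and a private key carry the same public key.
# $1 = certificate file, $2 = key file, $3 = PEM or DER (format of both)
cert_matches_key() {
    cert_pub=$(openssl x509 -in "$1" -inform "$3" -noout -pubkey) || return 2
    key_pub=$(openssl pkey -in "$2" -inform "$3" -pubout) || return 2
    [ "$cert_pub" = "$key_pub" ]
}

# Run every check and report; returns non-zero if any check fails.
# $1 = thing name, $2 = directory holding device.csr, cert.* and key.*
preflight() {
    name=$1
    dir=${2:-.}
    rc=0
    cn=$(csr_cn "$dir/device.csr")
    if [ "$cn" = "$name" ]; then
        echo "ok   CSR CN is $name"
    else
        echo "FAIL CSR CN is '$cn', expected '$name'"
        rc=1
    fi
    for fmt in PEM DER; do
        ext=$(echo "$fmt" | tr 'A-Z' 'a-z')
        if cert_matches_key "$dir/cert.$ext" "$dir/key.$ext" "$fmt"; then
            echo "ok   cert.$ext and key.$ext are a pair"
        else
            echo "FAIL cert.$ext does not match key.$ext"
            rc=1
        fi
    done
    return $rc
}

# Only run when called with arguments, so the functions can also be sourced.
if [ "$#" -gt 0 ]; then preflight "$@"; fi
```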

Set up Thonny for deploying code to a Raspberry Pi Pico W. Follow the Raspberry Pi Pico W Getting Started Guide.

Add the picozero and umqtt.simple libraries to your pico board using the Tools -> Manage Packages menu in Thonny.

Edit the SSID and PASSWORD in config.py for your network. Update the AWS_ENDPOINT in demo.py to match your AWS endpoint. Get it from the domain configuration hub.

Use Thonny to copy demo.py, config.py, ca.der, cert.der, and key.der from your local computer to the pico board.

Open demo.py on your pico and press the run button. If everything goes correctly, you should connect to AWS IoT Core and send data.

Use the MQTT Test Client to interact with your device.

Create a rule under Message Routing -> Rules to save incoming MQTT data into DynamoDB. I named my rule save_to_dynamo. The SQLStatement for the rule is SELECT topic(2) as device, timestamp() as timestamp, * FROM 'things/+/state'. The action is DynamoDBv2. The table is environment. IAM role is iot-core-execution-role.