Create a job

Directory

Use the directory ~/job-agent for the exercises in this chapter.

cd ~/job-agent

Provision a device

The sample job agent for the workshop needs to connect to AWS IoT Core and exchange messages. So you need to provision a device. You have already learned several options to create a device. Choose one and copy the resulting device key and device cert into the directory ~/job-agent.

Sample command, just in case…

THING_NAME=job-agent
aws iot create-thing --thing-name $THING_NAME
aws iot create-keys-and-certificate --set-as-active \
  --public-key-outfile $THING_NAME.public.key \
  --private-key-outfile $THING_NAME.private.key \
  --certificate-pem-outfile $THING_NAME.certificate.pem > /tmp/create_cert_and_keys_response
CERTIFICATE_ARN=$(jq -r ".certificateArn" /tmp/create_cert_and_keys_response)
CERTIFICATE_ID=$(jq -r ".certificateId" /tmp/create_cert_and_keys_response)
POLICY_NAME=${THING_NAME}_Policy
aws iot create-policy --policy-name $POLICY_NAME \
  --policy-document '{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action": "iot:*","Resource":"*"}]}'
aws iot attach-policy --policy-name $POLICY_NAME \
  --target $CERTIFICATE_ARN
aws iot attach-thing-principal --thing-name $THING_NAME \
  --principal $CERTIFICATE_ARN

List things in the device registry. Don’t trust the AWS IoT Core console. It might not be aware of every update made through the API

aws iot describe-thing --thing-name $THING_NAME

Start your job-agent

To start the job agent you need to provide on the command line the client-id, iot-endpoint, ca certificate, device key and certificate

# when you have used the commands above to create the device
./job-agent.py -c $THING_NAME -i $IOT_ENDPOINT \
  --cacert ~/root.ca.bundle.pem --cert $THING_NAME.certificate.pem \
  --key $THING_NAME.private.key

Go to the AWS IoT Core console

  1. Test
  2. Subscribe to a topic
  3. Subscription topic: $aws/events/#
  4. Subscribe
  5. Subscribe to a topic
  6. Subscription topic: $aws/things/#
  7. Subscribe
  8. Subscribe to a topic
  9. Subscription topic: sys/info
  10. Subscribe

Sample job document

The following sample job document was already copied onto your AWS Cloud9 instance as ~/job-agent/job-document.json

{
    "operation": "sys-info",
    "sys-info": "uptime",
    "topic": "sys/info"
}

The intention of the job document is to instruct the job agent to get the uptime from the system that it is running on and report it to AWS IoT Core on the topic sys/info

Create a job

Open an additional terminal: Click on the + sign at the terminal window and select New Terminal. The job agent running in another terminal should not be interrupted.

Copy the job document to your S3 Bucket

# copy the document
aws s3 cp job-document.json s3://$S3_BUCKET/

# verify that the document has been copied
aws s3 ls s3://$S3_BUCKET/

Create a job. The job id that you choose must be unique. It is not possible to reuse a job id.

# retrieve the arn for the job device,
# e.g. through list-things, describe-thing, "Manage" in the AWS IoT Core console
JOB_THING_ARN=[ARN_OF_YOUR_JOB_THING]

# define a unique job id
JOB_ID=[an_id_e.g. 468]

# finally create the job
aws iot create-job --job-id  $JOB_ID \
	--targets $JOB_THING_ARN \
	--document-source https://s3.amazonaws.com/$S3_BUCKET/job-document.json  \
	--presigned-url-config "{\"roleArn\":\"$ARN_IOT_PROVISIONING_ROLE\", \"expiresInSec\":3600}"

You should get an output similar to the following:

{
    "jobArn": "arn:aws:iot:[AWS_REGION]:[AWS_ACCOUNT_ID]:job/$JOB_ID",
    "jobId": "$JOB_ID"
}

Watch the output of the job-agent.py in the other terminal

As long as there are no jobs present you should find a log line which contains:

  • callback_jobs_get_accepted - NO jobs available

After you have created your job you should see more activity in the logs. When a job is available you should find a log line containing:

  • callback_jobs_get_accepted - JOBS AVAILABLE

Feel free to create more jobs