Single device provisioning

In this exercise you will provision a single device with the register-thing API call. In this provisioning example the thing will be assigned to a thing group and a thing type will be assigned. Group and type must exist before the provisioning is started.

Provision a thing with a single API call (register-thing) and a provisioning template. A key for the device and a CSR are also required to provision the device.

You will find a provisioning template in your home directory. The filename is templateBody.json

Create keys, CSR and input parameter with the script “mk-prov.sh” for a single device. The output is applied through the Parameters section in the provisioning template to the register-thing API.

The device that will be created will also be put into a thing group and thing type will be also assigned. This is done through the provisioning template. However group and type must exist before the provisioning process starts.

Directory

Use the directory ~/provisioning for the exercises in this chapter.

cd ~/provisioning

Provision a single device

Create a thing group in AWS IoT

aws iot create-thing-group --thing-group-name bulk-group

Create a thing type in AWS IoT

aws iot create-thing-type --thing-type-name bulk-type

Create key, CSR and parameters:

# set you thing name
THING_NAME=my-second-thing

mk-prov.sh $THING_NAME

Provision the thing. Copy the output within the curly brackets including the curly brackets and replace it in the following command in the –parameters section

aws iot register-thing --template-body file://~/templateBody.json --parameters '[OUTPUT_FROM_THE_PREVIOUS_COMMAND]'

As output from the previous command you receive the certificate for your thing. Copy the certificate pem from the output and save it into a file with the following command

echo -e [CERTIFICATE_PEM] > $THING_NAME.crt

Go to the AWS AWS IoT Core console

  1. Manage
  2. Things
  3. Click on my-second-thing
  4. Security
  5. Click the certificate
  6. Policies
  7. Click the Policy name

Go to the AWS IoT Core console

  • Subscribe to the topic: iot/ws

In a Cloud9 terminal:

# publish a message to AWS IoT
mosquitto_pub --cafile ~/root.ca.bundle.pem \
  --cert $THING_NAME.crt --key $THING_NAME.key \
  -h $IOT_ENDPOINT -p 8883 -q 0 -t iot/ws \
  -i $THING_NAME --tls-version tlsv1.2 \
  -m "{\"prov\": \"second\", \"date\": \"$(date)\"}" -d

Go to the AWS IoT Core console and validate that a message has been published.