Download - AWS Black Belt Online Seminar · 1 18 ..121 8 22 1 08 , + ! ! agCo " " - ! ! - A ! . RWTTICA
https://docs.aws.amazon.com/ja_jp/iot/latest/developerguide/device-certs-your-own.html#create-device-cert
https://aws.amazon.com/jp/blogs/news/new-just-in-time-certificate-registration-for-aws-iot/
{ "certificateId": "", "caCertificateId": "","timestamp": "", "certificateStatus": "PENDING_ACTIVATION","awsAccountId": "", "certificateRegistrationTimestamp": "" }
https://github.com/aws-samples/aws-iot-examples/blob/master/justInTimeRegistration/deviceActivation.js
Policy template
Create Policy
attach Policy
activate
Just in time registration
Amazon DynamoDB
AWS IoT
AWS IoT
Amazon DynamoDB
AWS Lambda
response/topic
������#(" policy�!��) mqtt topic �� ��������
!����&*�����HTTP request#("�%$��'���
AWS Lambda
device
device
Amazon API Gateway
IoT certificate
Amazon S3
Amazon DynamoDB
IAM Role
Permissions
IoT thing
Control via IoT/MQTT
Data via HTTPS
e.g., Streaming video (CCTV), Telemetry upload (Sensors)
e.g.) wget, temporary credentials:
wget --private-key=private.pem.key --certificate=certificate.pem.crt --ca-certificate=AmazonRootCA1.pem https://<your_info>.credentials.iot.us-west-2.amazonaws.com:443/role-aliases/<alias>/credentials
https://docs.aws.amazon.com/ja_jp/iot/latest/developerguide/authorizing-direct-aws.html
�)Credential A 2) CreateRoleAlias API (900-3600 )
X.509 Certificate
AWS SigV4
Instances
Corporate data center
Key/token
IoT thing lightbulb
IAM
Lambda function
AWS IoT
https://aws.amazon.com/jp/blogs/security/how-to-use-your-own-identity-and-access-management-systems-to-control-access-to-aws-iot-resources/
7) $aws/things/{thing }/jobs/{job-id}/update
publish
Thing / Thing Group
Task documentISW Job dIJSONI AS3 e
{ "status": "IN_PROGRESS", "statusDetails": { "progress": "0%" }, "expectedVersion": "", "clientToken": "" }
statusDetailsdevice
Shadow
Device SDK
AWS IoT
"engine" : "OFF"

"engine" : "ON"

"engine" : "ON"

"engine" : "ON"

"temp" : 20
IoT thing thermostat
e.g)
"temp" : 25
IoT thing thermostat
AWS IoT Thing Shadow
https://docs.aws.amazon.com/ja_jp/iot/latest/developerguide/device-shadow-mqtt.html
Gateway/Edge Computer
Thing
Thing
Thing
mqtt
BLE etc
https://docs.aws.amazon.com/ja_jp/general/latest/gr/aws_service_limits.html#limits_iot
• http://aws.amazon.com/jp/aws-jp-introduction/
• http://aws.typepad.com/sajp/
• @awscloud_jp
• http://on.fb.me/1vR8yWm
https://aws.amazon.com/jp/contact-us/aws-sales/