With IAM Role for IoT in place, the next step is to register the device as Thing in the AWS IoT Core.
-
You will first create an IoT policy which authorizes the device to perform actions within AWS IoT core. Goto the IoT Core Console, click on Policies menu under Secure in the left and then click on the Create a policy button.
-
On the next screen, enter policy name as dojodevicepolicy, enter “iot:*" for the Action, enter "*" for the Resource ARN, select Allow for the Effect and click on the Create button. You are creating a no restriction type policy for the workshop. However, in the production implementation, you might want to configure policies with restrictions for the actions and the resources.
-
The policy is ready. After creating the policy, you will now create a device as thing and attach the policy to it.
-
On the AWS IoT Core console, click on Things menu under Manage in the left and the click on the Register a thing button.
-
On the Creating AWS IoT things screen, click on the Create a single thing button.
-
On the Add your device to the thing registry screen, enter the device name as dojodevice1 and click on the Next button.
-
On the Add a certificate for your thing screen, click on the Create certificate button. It will create certificate files which the device use for the authentication purpose. AWS IoT supports X.509 client certificates.
-
On the Certificate created screen, download all the cerficate files - A certificate for this thing, A public key, A private key and A root CA for AWS. The files looks like as shown below. Finally click on the Activate button to activate the certificate. Finally click on the Attach a policy button.
Note: Please note the location of the downloaded certificate files because you will need them later to configure authentication for the device.
-
On the Add a policy for your thing screen, select dojodevicepolicy and click on the Register Thing button.
-
The device registration is complete now. Click on the device to check the details.
-
On the next screen, select Interact menu option and make note of the Rest API Endpoint. The endpoint is the Broker Address which is used by the devices to communicate to AWS IoT core.
Note: Please make note of the endpoint as it will be used as “Broker Address” in the next task while configuring MQTT.fx client as the device.
- Since there is no physical device for the workshop, you will configure MQTT.fx client as the device simulator in the next task.