Connect Atom Edge to AWS IoT

Introduction

About this document

This document describes how to use Atom NX device that already pre-install nilvana flow kit to connect to AWS IoT:

• libssl 1.1
• mosquitto 2.0.10

Set up Atom Edge Hardware

Please to refer the following link:

• Get Started with Atom Edge
• First boot

Set up AWS IoT

Create an Amazon account

• Refer to the instructions at https://docs.aws.amazon.com/iot/latest/developerguide/setting-up.html. The relevant sections are Sign up for an AWS account and create a user and grant permissions. You can also refer to https://aws.amazon.com/premiumsupport/knowledge-center/create-and-activate-aws-account/.

Create an AWS Thing with Certificate and Policy

• Get into https://console.aws.amazon.com/iot/ or search "IoT Core".

• Select "Manage" → "Things" and click the button named "Create".

• Click on the button named "Create a single thing".

• Provide a name and click on "Next" button.

• Click on the "Create certificate".

• Download "certificate", "public key", "private key" and "A root CA for AWS IoT"→ Click on the "Activate" button → "Done". More about AWS IoT Core policies settings, please refer to AWS IoT Core policies.

• On the left navigation pane, chose "Secure" → "Policies" → click on "Create a policy" button.

• Provide the policy name → change to advanced mode → paste the following policy statements → click on the "Create" button.

 {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "iot:Publish",
        "iot:Receive"
      ],
      "Resource": [
        "arn:aws:iot:*:*:topic/*"
      ]
    },
    {
      "Effect": "Allow",
      "Action": [
        "iot:Subscribe"
      ],
      "Resource": [
        "arn:aws:iot:*:*:topicfilter/*"
      ]
    },
    {
      "Effect": "Allow",
      "Action": [
        "iot:Connect"
      ],
      "Resource": [
        "arn:aws:iot:*:*:*"
      ]
    }
  ]
}

NOTE: The policy examples in this document are intended only for dev environments. All devices in your fleet must have credentials with privileges that authorize only intended actions on specific resources. The specific permission policies can vary for your use case. Identify the permission policies that best meet your business and security requirements. For more information, refer to Example policies and Security Best practices.

• On the left navigation pane, chose "Manage" → "Things" → click on the IoT thing which you created.

• Chose "Security" and click the certificate you created.

• Click "Policies" → "Actions"→ "Attach policy".

• Select the policy you created and click the "Attach" button.

• On the left navigation pane, chose "Manage" → "Things" → "Interact" and copy the Endpoint.

Configure Atom Edge to connect to AWS IoT

• Drag the "camera configuration" node into the Nilvana Flow.

NOTE: If you do not know what is Nilvana Flow, please to refer to Introduction to nilvana™ flow ─ Main nodes

• Double click the "camera configuration" and set the MQTT broker.

• Type "localhost" into the Server field and click the "Add" button.

• Select a camera and click "Done".

• Drag "face recognition", "image preview" and "mqtt out" nodes into flow.

• Double click "face recognition" to chose the localhost MQTT broker and type the Workstation IP and click the "Done" button.

• Double click "image preview" → check "Allow image passthrough" → "Done".

• Double click "mqtt out" → click the edit button to set AWS MQTT broker.

• AWS MQTT broker settings：
  1. Copy the Endpoint into the "Server" field.
  2. Set 8883 into the "Port" field.
  3. Uncheck "Use legacy MQTT 3.1 support".
  4. Click the "edit" button to add TLS Configuration.

• Upload the files you saved from "One click certificate creation" → Provide Name → Click the "Add" button.

• Set QoS to 1 → Retain to false → click the "Done" button.

• Link "face recognition", "image preview", "mqtt out" nodes and Click the "Deploy" button.

• Drag the button to turn on the camera.

• Verification of the MQTT messages.