By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Provision AWS IoT thing using template and CLI

0

I wanted to use the aws CLI to provision thing devices, using a (edit: pre-written) provisioning template My end goal is to allow devices to self-request any thingname they want.. but for it to be automatically blocked if that name already exists.

Initially I thought I'd use "aws iot register-thing" but that doesnt have an option to specify template. So then I thought I would use

aws iot-data publish $aws/provisioning-templates/templateName/provision/json

but the command complained, "An error occurred (InvalidRequestException) when calling the Publish operation: Topic can't start with $"

So.. what are my options? I'd prefer not to have to use a whole python program for ONE stupid operation.

My underlying motivation, is to be able to use a provisioning cred in a way that it isnt allowed to mess with a thing that already exists.

I was so happy when I found that I supposedly could do all the thing and cert creation stuff from the aws cli. but this is taking the wind out of my sails :(

Topics
Internet of Things (IoT)
Tags
AWS IoT Core
Language
English
rePost-User-8804953
asked 10 months ago304 views
2 Answers
1

Hi,

perhaps the provisioning exercises from the IoT Device Management workshop might help.

Cheers,
Philipp

AWS
EXPERT
Philipp S
answered 10 months ago
  • rePost-User-8804953
    10 months ago

    hm. the specific reference you gave, requires having our own CA, which for various reasons, I dont think is going to be viable. Is there a different option I missed somewhere there?

  • rePost-User-8804953
    10 months ago

    Also, I amended my original question, to make clear that I'm looking for a method that will auto-reject already existing thingnames

0

Looking at the AWS CLI documentation, I thought I could use the provisioning template by doing the following.
https://awscli.amazonaws.com/v2/documentation/api/latest/reference/iot/register-thing.html

aws iot register-thing --template-body file:///provisioning-templates/templateName/provision/json

If you get an error when specifying a provisioning template in file format, try passing JSON as a string as is, as shown below.

aws iot register-thing \
    --template-body '{"Parameters":{"ThingName":{"Type":"String"},"AWS::IoT::Certificate::Id":{"Type":"String"}},"Resources": {"certificate":{"Properties":{"CertificateId":{"Ref":"AWS::IoT::Certificate::Id"},"Status":"Active"},"Type":"AWS::IoT::Certificate"},"policy":{"Properties":{"PolicyName":"MyIotPolicy"},"Type":"AWS::IoT::Policy"},"thing":{"OverrideSettings":{"AttributePayload":"MERGE","ThingGroups":"DO_NOTHING","ThingTypeName":"REPLACE"},"Properties":{"AttributePayload":{},"ThingGroups":[],"ThingName":{"Ref":"ThingName"},"ThingTypeName":"VirtualThings"},"Type":"AWS::IoT::Thing"}}}'
profile picture
EXPERT
Riku_Kobayashi
answered 10 months ago
  • rePost-User-8804953
    10 months ago

    sorry if my intent wasnt clear: I specifically want to use a PRE-DEFINED template. For security reasons. I dont want the device to be able to write its own template on the fly.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content