Hi,
#3 should not be used as you are basically breaking the Greengrass authentication and authorization system's intent. It certainly can be done that way, but I would really caution against it. Either #1 or #2 makes the most sense to me; so much sense in fact that we've already implemented an example of this solution: https://github.com/aws-greengrass/aws-greengrass-component-examples/tree/main/mqtt-bridge.
This example code must be treated exactly as that, an example. It does not implement any security above username+password and has very minimal error handling. You can have a look at it to give you a head start, but I would tell you to not deploy it as-is into a production environment as it has not been tested to those standards.
Hope that helps,
Michael Dombrowski
@lacteolus I've done #1 using the exact method you described, and it works reliably. Two things to consider:
- Spooling from GG to IoT Core is only memory-backed at the moment; there's no persistent message storage if your device goes offline. May/may not be a deal breaker.
- I think there's a tiny leak in the Python IPC code: https://github.com/aws/aws-iot-device-sdk-python-v2/issues/149
There's another way which I'm starting to consider, and that's using StreamManager (https://forums.aws.amazon.com/thread.jspa?threadID=335746&tstart=0), which does persistent message storage, but you'd need to run a Lambda in AWS to push data from a Kinesis data stream to IoT Core.
As far as I know, AWS has plans to add a "world-facing" broker as part of Greengrass core. I think it would help to communicate components and other services running on the device.