By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Update ESP32 firmware from AWS S3 private bucket uploaded firmware.bin file?

0

Hi!

I have a pipeline in AWS that takes the code of my firmware when a push happens to an specific branch, compiles it and leaves the .bin inside an specific S3 private bucket.

What is the best approach to access a private bucket from a firmware in a esp32 code to update the firmware of the esp32 with the new version uploaded in S3? I saw some approaches like calling an intermmediate backend service to generate a pre signed URL, but there is a way to access via HTTPS directly to the S3 bucket sending some kind of credentials since it is private, to be able to download the update?

Thanks guys for the help!

Topics
Developer ToolsInternet of Things (IoT)Storage
Tags
AWS CodeBuildAWS IoT CoreAWS CodeDeployAmazon S3 Access Grants
Language
English
cao95
asked 10 days ago100 views
1 Answer
0
Accepted Answer

Hi. A pre-signed URL is likely a very good option. I would say the the most common approaches for an IoT device are:

  1. Pre-signed URL.
  2. If your device is using AWS IoT Core, have your device use the AWS IoT Core credential provider to get temporary IAM credentials allowing it to access the bucket object.
  3. MQTT file streams if you would prefer to transfer the file using MQTT instead of HTTP.

Some relevant demos: https://github.com/aws/aws-iot-device-sdk-embedded-C/tree/main/demos/http

Options 1 and 3 are commonly used with AWS IoT Jobs and AWS IoT OTA Updates (aka "FreeRTOS OTA"). Jobs with presigned URLs: https://docs.aws.amazon.com/iot/latest/developerguide/create-manage-jobs.html#create-manage-jobs-presigned-URLs

More information:

profile pictureAWS
EXPERT
Greg_B
answered 10 days ago
  • cao95
    10 days ago

    Hey Greg! Im not using AWS IOT to register my devices as things, is mandatory to implement everything with AWS IOT to be able to do this, with this we will have to change a lot our actual services code to make it work.

    I could create an intermediate service with an endpoint, make the device do a request here to get the s3 pre signed URL and then with that URL do the update inside my firmware? Or should the device send a signal to an mqtt topic and then make that service to send the updated firmware to the given device usng MQTT file streams?

    Thanks!

  • Greg_B EXPERT
    10 days ago

    You don't need to use AWS IoT to use pre-signed URLs. You just need to create the URL and send it to your device, using whatever protocol your device uses.

  • cao95
    10 days ago

    I see, thanks!

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content