By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Is it possible to have Ignition Edge (via MQTT Transmission Plug-in) as a Greengrass V2 client device?

0

Hello, I am trying to connect Ignition Edge to my Greengrass V2 Core device (running in a VM) via MQTT. I did the steps explained on the Cloud discovery configuration, but I just cannot seem to get it to work properly.

Is it possible to connect client devices to Greengrass Core without the use of the AWS SDK?

  • vidishataws
    2 years ago

    Yes, it is possible to connect client devices without using the AWS SDK.

    Can you list the steps you performed for the cloud discovery?

Topics
Internet of Things (IoT)
Tags
AWS IoT GreengrassInternet of Things (IoT)
Language
English
HopTech_vdr
asked 2 years ago365 views
2 Answers
1
Accepted Answer

Yes, you can connect to Greengrass as a client device as long as it meets the criteria of:

  1. Having the Thing, X.509 certificate, and policy registered in AWS IoT
  2. Using cloud discovery to get the signing CA for the local server certificate, endpoint (name or IP address), and port number for the Core device
  3. Configuring Ignition's MQTT module with the returned details of cloud discovery and the client certificate/private key to complete the local mTLS operation.

One way to validate that everything is operational would be to use the AWS IoT Device SDK to verify the configuration of Greengrass Core and send messages to AWS IoT Core. Then you will know that's working correctly and can move on to the Ignition setup and testing.

With a lot of moving parts, if you have questions, please respond and I'll help clarify.

AWS
Gavin_A
answered 2 years ago
  • HopTech_vdr
    2 years ago

    Hi Gavin,

    Thank you, this clarifies it a bit for me.

    Currently, I am having a hard time with policy configuration. I'm at a loss which policies I need to set up, and how.

    I followed the “greengrass/v2/developerguide/client-devices-tutorial” guide, but I cannot enable the “greengrass:Discovery” permission via the IoT Core policies, as it isn't available as an option.

    There is an option to manually insert it via the JSON, but then I don't know if it is properly enabled.

    Is there a guide I can use to help with the policy setup and such?

0

An update on my question:

After much researching, I think I finally got it to work. Turns out, it wasn't really about the policies. While I cannot select them on the IoT Greengrass Policy Console screen, I could still put them inside the JSON, which works correctly.

After making sure every policy was correct, I tried to connect to my Greengrass Moquette Broker. This didn't work, I got an error which stated: “Unable to verify the first certificate”. After some digging, I found out that I didn't fulfil the second criteria. I overlooked getting the signed local server certificate from the Greengrass Core. I solved this by requesting the Certificate using the Discovery API with curl.

After this, it worked correctly, and I could connect Ignition Edge to my Greengrass Core.

Once again, thank you very much for your assistance, Gavin!

HopTech_vdr
answered 2 years ago
  • use1998
    a year ago

    Hi :) I'm trying to do the same right now. But I can't deploy the Greengrass Group subscriptions to my core device. It is stuck in "In Progress" status. Did you have the same issue?

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content