Is it possible to have Ignition Edge (via MQTT Transmission Plug-in) as a Greengrass V2 client device?
Hello, I am trying to connect Ignition Edge to my Greengrass V2 Core device (running in a VM) via MQTT. I did the steps explained on the Cloud discovery configuration, but I just cannot seem to get it to work properly.
Is it possible to connect client devices to Greengrass Core without the use of the AWS SDK?
Yes, it is possible to connect client devices without using the AWS SDK.
Can you list the steps you performed for the cloud discovery?
Yes, you can connect to Greengrass as a client device as long as it meets the criteria of:
- Having the Thing, X.509 certificate, and policy registered in AWS IoT
- Using cloud discovery to get the signing CA for the local server certificate, endpoint (name or IP address), and port number for the Core device
- Configuring Ignition's MQTT module with the returned details of cloud discovery and the client certificate/private key to complete the local mTLS operation.
One way to validate that everything is operational would be to use the AWS IoT Device SDK to verify the configuration of Greengrass Core and send messages to AWS IoT Core. Then you will know that's working correctly and can move on to the Ignition setup and testing.
With a lot of moving parts, if you have questions, please respond and I'll help clarify.
Thank you, this clarifies it a bit for me.
Currently, I am having a hard time with policy configuration. I'm at a loss which policies I need to set up, and how.
I followed the “greengrass/v2/developerguide/client-devices-tutorial” guide, but I cannot enable the “greengrass:Discovery” permission via the IoT Core policies, as it isn't available as an option.
There is an option to manually insert it via the JSON, but then I don't know if it is properly enabled.
Is there a guide I can use to help with the policy setup and such?
An update on my question:
After much researching, I think I finally got it to work. Turns out, it wasn't really about the policies. While I cannot select them on the IoT Greengrass Policy Console screen, I could still put them inside the JSON, which works correctly.
After making sure every policy was correct, I tried to connect to my Greengrass Moquette Broker. This didn't work, I got an error which stated: “Unable to verify the first certificate”. After some digging, I found out that I didn't fulfil the second criteria. I overlooked getting the signed local server certificate from the Greengrass Core. I solved this by requesting the Certificate using the Discovery API with curl.
After this, it worked correctly, and I could connect Ignition Edge to my Greengrass Core.
Once again, thank you very much for your assistance, Gavin!
Hierarchy in Greengrass V2asked a year ago
How to connect an IoT Thing to Greengrass V2asked a year ago
Connect to Greengrass Core V2 - no cipher suites in common TLS-ECDHE-ECDSA-...asked 4 days ago
Greengrass V2 positioning for new deviceasked 4 months ago
Is it possible to have Ignition Edge (via MQTT Transmission Plug-in) as a Greengrass V2 client device?Accepted Answerasked a month ago
Code 2 Error - Trying to install Greengrass Core on Raspberry 4B via device setup scriptasked 6 months ago
Greengrass v2 IPC IoT Core messaging limitsasked a year ago
How to implement authentication in AWs IoT Greengrass Component deployed to the Greengrass Core Device?asked 2 months ago
Configuring Edge device for direct or via gateway communicationasked a year ago
Manual installation of GGC V2 Core deviceasked a year ago