
Resources

Follow us on Twitter: @awscloud_es

Contact us: https://aws.amazon.com/es/about-aws/events/monthlywebinarseries/contact-us1/

Events, webinars and user groups: https://aws.amazon.com/es/eventos-es/

Website: http://aws.amazon.com/es

What's new: https://aws.amazon.com/new/

Polls and feedback
IoT Webinar Day

Rodrigo Merino Gutiérrez


AWS Partner Solution Architect for IoT

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Agenda

IoT Webinar 1
• Introduction to AWS IoT services

IoT Webinar 2
• How to connect devices
• AWS IoT Shadows
• AWS IoT Rules
• AWS IoT Jobs
If you knew the state of everything and
could reason on top of that data…

what problems would you solve?


Nobody just buys IoT technology…
they seek business outcomes
Business outcomes with IoT

• New services & business models
• Products that get better with time
• Better relationship with customers
• Increased efficiency
• Intelligent decision making
• Data driven discipline

Revenue growth: IoT data drives business growth
Operational efficiency: IoT data decreases OpEx
IoT solutions are complex & multidimensional

• Devices & sensors: onboard, provision, manage
• Connectivity & infrastructure: connect, communicate, secure
• Analytics & insights: analyze, visualize, act
• Applications & services: engage, empower, delight
• Change management: transform, shift culture
Our concept of IoT
Things Cloud
Sense & Act Storage & Compute

Intelligence
Insights & Logic → Action

AWS IoT Architecture
Things Cloud
Sense & Act Storage & Compute

Secure device
connectivity
and messaging

Intelligence
Insights & Logic → Action
AWS IoT Architecture
Things Cloud
Sense & Act Storage & Compute

• Secure local triggers, actions, and data sync
• Secure device connectivity and messaging
• Fleet onboarding, management and SW updates
• Fleet audit and protection
• IoT data analytics and intelligence

Endpoints
Gateway

Intelligence
Insights & Logic → Action
Poll

How will your next IoT project be deployed?

Your opinion matters!


How can I connect my devices securely, and handle the data they generate?

AWS IoT Core
Secure Device Connectivity and Messaging
AWS IoT Core is a managed service that lets connected devices easily
and securely interact with cloud applications and other devices.

• To securely connect devices to the AWS cloud and other devices at scale
• To route, process, and act upon data from connected devices
• To enable applications to interact with devices even when they are offline
• To fully integrate with other AWS service to reason on top of the data (Analytics, Databases, AI, etc.)

AWS IoT Core
Secure Device Connectivity and Messaging

• Identity Service
• Device Gateway
• Message Broker
• Rules Engine
• Device Shadow
• Registry
How can I extend AWS cloud capabilities to the edge?
AWS Greengrass
Extend AWS IoT to the Edge

AWS Greengrass extends AWS IoT onto your devices, so that they can act
locally on the data they generate, while still taking advantage of the cloud.

Law of Physics

Law of Economics

Law of the Land

Edge Cloud

AWS Greengrass
Extend AWS IoT to the Edge

• Local Messages and Triggers: Local Message Broker
• Local Actions: Lambda Functions
• Data and State Sync: Local Device Shadows
• Security: AWS-grade security
• Local Resource Access: Lambdas Interact With Peripherals
• Machine Learning Inference: Local Execution of ML Models
• Protocol Adapters: Easy Integrations With Local Protocols
• Over the Air Updates: Easily Update Greengrass Core

How can I securely connect constrained, microcontroller-based devices?
Amazon FreeRTOS
IoT Operating System for Microcontrollers
Amazon FreeRTOS, based on the popular FreeRTOS, is a microcontroller
operating system that makes small, low powered edge devices easy to
program, deploy, secure, connect, and maintain.

[Diagram: Amazon FreeRTOS software stack. Labels: Embedded apps; Greengrass connectivity; Over the air (OTA) agent; Security; Cloud; Libraries; FreeRTOS; HW drivers]

• Will it work on my chip?
• Does it have the functionality I need?
• Where do I get it?
• How do I start?

Amazon FreeRTOS
IoT Microcontroller OS

• Local Connectivity Libraries: AWS Greengrass
• Cloud Connectivity Libraries: AWS IoT Core
• Security Connectivity Libraries
• OTA Beta & Code Signing

Based on FreeRTOS kernel


How can I manage my growing number of connected devices?

AWS IoT Device Management
Device Management Service

AWS IoT Device Management helps you onboard, organize, monitor, and remotely manage your growing number of connected devices.

• Fast device onboarding at scale
• Real-time fleet indexing and search
• Monitoring and updating devices

AWS IoT Device Management
Maintain Fleet Health

• Batch Fleet Provisioning
• Real-time Fleet Index & Search
• Fine Grained Device Logging & Monitoring
• Over the Air Updates
Poll

What type of project would you classify your IoT project as?

Your opinion matters!


How do I ensure my connected devices stay secure?
AWS IoT Device Defender (coming in 2018)

Keep Your Fleet Secure

• Audit Device Configurations
• Monitor Device Behavior
• Identify Anomalies
• Generate Alerts
• Patch Security Vulnerabilities

How do I generate value from my device data?
AWS IoT Analytics
Analytics for IoT Devices
AWS IoT Analytics is a service that processes, enriches, stores, analyzes,
and visualizes IoT data for manufacturers and enterprises.

• IoT data is noisy and contains gaps and false readings
• Filter, process, transform, and enrich your data
• Store raw data and processed data
• Ad-hoc queries or sophisticated IoT analytics and visualization
AWS IoT Analytics
Easily analyze IoT data
AWS IoT Analytics is a service that processes, enriches, stores, analyzes,
and visualizes IoT data for manufacturers and enterprises.

• Channels
• Pipelines
• Data Stores
• Datasets
• Jupyter Notebooks & Templates
AWS IoT Services Suite
Things Cloud
Sense & Act Storage & Compute & Learn

• Secure local triggers, actions, and data sync
• Secure device connectivity and messaging
• Fleet onboarding, management and SW updates
• Fleet audit and protection
• IoT data analytics and intelligence

Endpoints, Gateway

Amazon FreeRTOS, AWS Greengrass, AWS IoT Core, AWS IoT Device Management, AWS IoT Device Defender, AWS IoT Analytics

AWS IoT 1-Click

Intelligence
Insights & Logic → Action
Poll

What is the biggest difficulty in your IoT projects?

Your opinion matters!


Securely connecting devices

• AWS IoT generated certificates
• Use your own certificate with Just In Time Registration / Provisioning
• Each device must have its own certificate
• "Things"/Devices must be in the registry
• Security policies are defined and attached
AWS IoT Core Protocol Support

• With certificates
  • MQTT
  • HTTP

• With SigV4
  • MQTT over WebSocket
  • HTTP
Available AWS IoT Device SDKs

• Embedded C

• JavaScript
• Arduino Yun

• Java
• Python

• iOS
• Android
• C++
Certificates and keys

• Private key (authenticate the device)

• Certificate (register the device with IoT)

• Root certificate authority (authenticate IoT)


AWS IoT Permissions

• Control what a thing is allowed to do


• Connect, publish, subscribe, receive

• Attach policy to certificates


AWS IoT Policies

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "iot:Publish",
      "Resource": [
        "arn:*:topic/private-topic/${iot:ClientId}",
        "arn:*:topic/open-topic-space/*"
      ]
    },
    {
      "Effect": "Allow",
      "Action": "iot:Subscribe",
      "Resource": "arn:*:topicfilter/private-topic/${iot:ClientId}/*"
    }
  ]
}
Best Practice for Securing Devices

• Each device should use a unique private key and certificate
• An IoT Policy should follow least privilege for permissions
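
The policy from the previous slide, checked against the least-privilege advice above. This is an added example, not code from the original deck or from AWS; it is a simplified model of policy matching (Allow statements only), and the region, account id and client ids are constructed sample values.

```python
import re

# Policy from the slide, ARNs abbreviated exactly as shown there.
POLICY = {"Statement": [
    {"Effect": "Allow", "Action": "iot:Publish", "Resource": [
        "arn:*:topic/private-topic/${iot:ClientId}",
        "arn:*:topic/open-topic-space/*"]},
    {"Effect": "Allow", "Action": "iot:Subscribe",
     "Resource": "arn:*:topicfilter/private-topic/${iot:ClientId}/*"},
]}

# Constructed sample ARN prefix (region and account id are made up).
BASE = "arn:aws:iot:eu-west-1:123456789012:"

def _as_list(value):
    return value if isinstance(value, list) else [value]

def is_allowed(policy, action, arn, client_id):
    """Simplified model: '*' matches any characters and ${iot:ClientId}
    is replaced by the id of the connecting client."""
    for stmt in policy["Statement"]:
        if stmt["Effect"] != "Allow" or action not in _as_list(stmt["Action"]):
            continue
        for resource in _as_list(stmt["Resource"]):
            expanded = resource.replace("${iot:ClientId}", client_id)
            pattern = re.escape(expanded).replace(r"\*", ".*")
            if re.fullmatch(pattern, arn):
                return True
    return False

def unscoped_wildcards(policy):
    """Least-privilege check: (action, resource) pairs whose topic path
    uses '*' without being tied to the client's own identity."""
    findings = []
    for stmt in policy["Statement"]:
        for resource in _as_list(stmt["Resource"]):
            path = re.split(r"topic(?:filter)?/", resource, maxsplit=1)[-1]
            if "*" in path and "${iot:ClientId}" not in path:
                findings.extend((a, resource) for a in _as_list(stmt["Action"]))
    return findings

if __name__ == "__main__":
    own = BASE + "topic/private-topic/sprinkler-456"
    print(is_allowed(POLICY, "iot:Publish", own, "sprinkler-456"))  # own topic
    print(is_allowed(POLICY, "iot:Publish", own, "sprinkler-789"))  # other device
    print(unscoped_wildcards(POLICY))
```

The only finding is the `open-topic-space/*` publish resource, which every device holding this policy can write to; whether that shared space is intended is the question a policy review should ask.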
When a Device is Onboarded

• Created in the device registry
• Device certificate registered with AWS IoT Core
• Certificate attached to the device
• IoT Policy attached to the device through:
  • Certificate
  • Thing group
Lifecycle events

• AWS IoT publishes event messages when certain events occur
• Event messages are published over MQTT with a JSON payload
• Publishes a message when a client connects or disconnects, publishes or subscribes
• Registry events for things, thing types, thing groups
• Thing created, updated, deleted, job execution, job completion

$aws/events/#
$aws/things/#
Poll

In which part of the "IoT chain" do you run into the most difficulties?

Your opinion matters!


Agenda

IoT Webinar 1
• Introduction to AWS IoT services

IoT Webinar 2
• How to connect devices
• AWS IoT Shadows
• AWS IoT Rules
• Demos
Publish on/off to the sprinkler

SUBSCRIBE
macdonald/sprinkler-456

Sprinkler, Device Gateway, Control logic
Publish on/off to the sprinkler?

PUBLISH
macdonald/sprinkler-456
{ "water": "on" }

Sprinkler, Device Gateway, Control logic
Direct publishing: why not?

[Diagram: "on" and "off" messages between the control logic, the Device Gateway and the sprinkler]
Device Shadows

reported
state

Device Controller

desired
state
AWS IoT Shadow: simple yet powerful

Thing
• Report its current state to one or multiple shadows
• Retrieve its desired state from shadow

Shadow
• Shadow reports delta, desired and reported states along with metadata and version

Mobile App
• Set the desired state of a device
• Get the last reported state of the device
• Delete the shadow

{
  "state" : {
    "desired" : {
      "lights" : { "color": "RED" },
      "engine" : "ON"
    },
    "reported" : {
      "lights" : { "color": "GREEN" },
      "engine" : "ON"
    },
    "delta" : {
      "lights" : { "color": "RED" }
    }
  },
  "version" : 10
}
AWS IoT Shadow Topics

Shadow topics – request


• /update
• /get
• /delete

Shadow topics – response


• /update/accepted
• /update/rejected
• /get/accepted
• /get/rejected
• /delete/accepted
• /delete/rejected
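
How the delta, the version number and the accepted/rejected response topics fit together, as an added example that is not part of the original deck. `ShadowModel` is a hypothetical in-memory toy, not the AWS service or SDK: it returns the whole document on acceptance for readability and models a stale version as a 409 conflict.

```python
import copy

def compute_delta(desired, reported):
    """Return the parts of `desired` that differ from `reported`."""
    delta = {}
    for key, want in desired.items():
        have = reported.get(key)
        if isinstance(want, dict) and isinstance(have, dict):
            nested = compute_delta(want, have)
            if nested:
                delta[key] = nested
        elif want != have:
            delta[key] = want
    return delta

def _merge(target, patch):
    """Merge `patch` into `target`; a None value removes the key."""
    for key, value in patch.items():
        if value is None:
            target.pop(key, None)
        elif isinstance(value, dict) and isinstance(target.get(key), dict):
            _merge(target[key], value)
        else:
            target[key] = copy.deepcopy(value)

class ShadowModel:
    """Toy in-memory model of one shadow document (not the AWS service)."""
    def __init__(self, version=0):
        self.state = {"desired": {}, "reported": {}}
        self.version = version

    def document(self):
        doc = {"state": copy.deepcopy(self.state), "version": self.version}
        delta = compute_delta(self.state["desired"], self.state["reported"])
        if delta:
            doc["state"]["delta"] = delta
        return doc

    def update(self, state, version=None):
        """Handle an /update request; return (response topic suffix, payload)."""
        if version is not None and version != self.version:
            return "/update/rejected", {"code": 409, "message": "Version conflict"}
        for section in ("desired", "reported"):
            _merge(self.state[section], state.get(section, {}))
        self.version += 1
        return "/update/accepted", self.document()
```

Sending the expected version with each update is what stops a controller working from a stale copy of the shadow from overwriting a newer desired state.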
Search both Device Registry and Device Shadow

Lucene-index queries
Rules engine: Extracting value from messages

• Filter messages with certain criteria


• Transform the payload of messages
• React based on messages
• Move messages to other topics
• Move messages to other systems
• Predict changes based on trends
Rules Engine for IoT Operations

• Invoke a Lambda function
• Publish to Firehose
• Put object in an S3 bucket
• Republish to AWS IoT
• Insert, update a DynamoDB record
• Capture a CloudWatch metric or change an alarm
• Publish to an SNS topic or endpoint
• Publish to Amazon ES
• Publish to an Amazon Kinesis stream
• Write to SQS queue
Format of an AWS IoT SQL Statement

SELECT *, timestamp() as timestamp FROM 'pws/#' WHERE temp > 30

• SELECT – What values to include for Action
• FROM – What topic structure to act upon
• WHERE – Logic to determine if the statement should execute
Topics Rules Actions

Topics:

pws/
  station1/
    temp
    wind
  station2/
    temp
    wind
  temp_status
$aws/
  things/
    station1/...
    station2/...

Rule with action: Amazon S3

{
  "sql": "SELECT * FROM 'pws/station1/#'",
  "actions": [
    {
      "s3": {
        "bucketName": "myBucket",
        "key": "myS3Key"
      }
    }]
}

Rule with action: Amazon ES

{
  "sql": "SELECT * FROM 'pws/#'",
  "actions": [
    {
      "elasticsearch": {
        "endpoint": "http://my-endpoint",
        "index": "my-index",
        "id": "${newuuid()}"
      }
    }]
}

Rule with action: AWS IoT (republish)

{
  "sql": "SELECT * FROM 'pws/+/temp'",
  "actions": [
    {
      "republish": {
        "topic": "pws/temp_status"
      }
    }]
}
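
Which of the three rules above fire for a given topic depends on how the `+` and `#` wildcards in each FROM clause match the topic tree. The following added example (not from the original deck) implements standard MQTT topic-filter matching and applies it to the slide's three FROM clauses; the `RULES` dictionary keyed by action name is an assumption made for illustration.

```python
import re

# FROM clauses of the three rules on the slide, keyed by their action.
RULES = {
    "s3": "SELECT * FROM 'pws/station1/#'",
    "elasticsearch": "SELECT * FROM 'pws/#'",
    "republish": "SELECT * FROM 'pws/+/temp'",
}

def topic_filter(sql):
    """Extract the quoted topic filter from the FROM clause."""
    match = re.search(r"\bFROM\s+'([^']+)'", sql, re.IGNORECASE)
    if not match:
        raise ValueError("no quoted topic filter in FROM clause")
    return match.group(1)

def matches(filter_, topic):
    """MQTT topic-filter matching: '+' is one level, '#' is the rest."""
    f_levels, t_levels = filter_.split("/"), topic.split("/")
    for i, level in enumerate(f_levels):
        if level == "#":
            return i == len(f_levels) - 1   # '#' is only valid as the last level
        if i >= len(t_levels):
            return False
        if level != "+" and level != t_levels[i]:
            return False
    return len(f_levels) == len(t_levels)

def triggered_actions(topic):
    """Names of the actions whose rule filter matches `topic`."""
    return sorted(a for a, sql in RULES.items()
                  if matches(topic_filter(sql), topic))

if __name__ == "__main__":
    for t in ("pws/station1/temp", "pws/station2/wind", "pws/temp_status"):
        print(t, "->", triggered_actions(t))
```

A broad filter such as `pws/#` also matches `pws/temp_status`, the topic the republish rule writes to, so every filter should be checked against the full topic tree and not only the topics it was written for.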
Define Local Actions Using Jobs

Jobs use JSON files called Job Documents to define actions that the device should take locally.

Example use cases:

• Firmware updates
• Reboot a device
• Rotate certificates

[Diagram: an AWS IoT Job targeting IoT things: camera, windfarm, coffee pot, travel]
Define Local Actions Using Jobs

• Include one or more locations of dependent data to download (i.e. S3 Objects)
• Use location links as placeholders for pre-signed URL at run-time
• JSON Encoded JSON
• Create jobs using AWS Console, CLI, and SDK
Structure of Job Documents
{
  "operation" : "reboot"
}

{
  "operations" : {
    "reboot" : "safe-mode",
    "configurations" : {
      "log" : "persist",
      "download" : {
        "target" : "${aws:iot:s3-presigned-url:https://s3.amazonaws.com/bucket/key}",
        "patch" : "critical"
      },
      "restart" : "blemodule"
    }
  }
}
Thank you very much!
