AWS IoT is a new managed service that enables Internet-connected things (sensors, actuators, devices, and applications) to easily and securely interact with each other and the cloud. As an IoT developer, you would like to interact with the devices and information from these devices using applications. With AWS IoT topic-based rules and built-in integrations, you can route data from any device to AWS service like DynamoDB, Lambda etc and interact with the devices using topics. With AWS IoT Thing shadows, you can interact with the device using applications. Let's dive deep on how we can define the rules and also retrieve the last known and desired state of device using a device shadow in the cloud and leverage the true power of AWS IoT.

1. © 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Jinesh Varia | @jinman
October 8, 2015
MBL312
AWS IoT Deep Dive
Programming the Physical World with
Shadows and Rules

2. AWS IoT
“Securely connect one or one billion devices to AWS,
so they can interact with applications and other devices”

3. AWS IoT
DEVICE SDK
Set of client libraries to
connect, authenticate and
exchange messages
DEVICE GATEWAY
Communicate with devices via
MQTT and HTTP
AUTHENTICATION
AUTHORIZATION
Secure with mutual
authentication and encryption
RULES ENGINE
Transform messages
based on rules and
route to AWS Services
AWS Services
- - - - -
3P Services
DEVICE SHADOW
Persistent thing state
during intermittent
connections
APPLICATIONS
AWS IoT API
DEVICE REGISTRY
Identity and Management of
your things

4. In this session, we are going to dive deep
RULES ENGINE
Transform messages
based on rules and
route to AWS Services
DEVICE SHADOW
Persistent thing state
during intermittent
connections

5. An Example: Connected Vacuum Cleaner
Sweeps (duh!)
Reports its state via events:
• power, battery
• status (DOCKED,
RUNNING),
• bin.lastEmptied,
• bin.used,
• firmware version,
• filter.lastChanged,
• filter.usageMinutes,
• next run time
Mobile Phone can
• Initiate “Sweep”
• Receives Push
Notifications
• Show Current State
• Track History of Cleans
• Track Path and Uncleaned
Areas
• Initiate Firmware Updates
Wi-Fi Connected
Vacuum Cleaner
Mobile App to
Control the Device

6. AWS IoT Rules Engine Basics
SELECT * FROM ‘things/thing-2/color’
WHERE color = ‘red’
Rule
Name
Description
SQL Statement
Array of Actions AWS Services, Native

7. Simple & Familiar Syntax
- SQL Statement to define topic filter
- Optional WHERE clause
- Advanced JSON support
Functions improve signal : noise
- String manipulation (regex support)
- Mathematical operations
- Context based helper functions
- Crypto support
- UUID, Timestamp, rand, etc.
AWS IoT Rules Engine Basics
SELECT * FROM ‘things/thing-2/color’
WHERE color = ‘red’

8. AWS IoT Rules Engine’s Flexibility
SELECT *, clientId() as MQTTClientId
FROM 'one/rule'
WHERE
startsWith(topic(2), ’Vac123') AND
(state = ‘SWEEP' OR bin.size < 30)",
"actions":
[{
"republish": {
"topic":
"controllers/${substring(topic(3),
3, 5)}",
}]

9. AWS IoT – SQL Reference
SELECT DATA FROM TOPIC WHERE FILTER

10. AWS IoT Rules Engine – Format
{
"sql":"SELECT 'IDLE' AS status FROM 'vacuum/+/events' WHERE
event = 'COMPLETE'",
"actions": [
{
"dynamoDB": {
"tableName":"vaccum-status",
"hashKeyField":"vacuum_id",
"hashKeyValue":"${topic(2)}",
"payloadField":"statusDocument",
"roleArn":"arn:aws:iam::77777:role/rules_action_ddb"
}
}
]
}

11. AWS IoT – SQL Reference
SELECT DATA FROM TOPIC WHERE FILTER
• Like scanning a database table
• Default source is an MQTT topic
EXAMPLES:
• FROM mqtt(‘my/topic’)
• FROM mqtt(‘my/wildcard/+/topic’)
• FROM (‘my/topic’)

12. AWS IoT – SQL Reference
SELECT DATA FROM TOPIC WHERE FILTER
• Properties from the JSON Object in the payload
• “.” Operator
• “..” Operator
• “*” Operator
• Apply functions to attribute value

13. AWS IoT – SQL Reference
SELECT DATA FROM…
• SELECT *
• SELECT deviceid, temp
• SELECT coords.latitude
• SELECT a.another_level.b
• Returns {“b” : 3}
• SELECT a..b
• Returns {“b” : 3}
{
“deviceid” : “iot123”,
“temp” : 54,
“humidity” : 32,
“coords” : {
“latitude” : 47.615694,
“longitude” : -122.3359976
},
“a” : {
“another_level” : {
{“b” : 3},
{“b” : 5}
}}
}
SAMPLE PAYLOAD

14. AWS IoT – SQL Reference
SELECT DATA FROM…
• SELECT deviceid AS client
• SELECT md5(deviceid) AS hashed_id
Substitution Templates
• ${expression}
• ${topic() - md5(deviceid)}
• ${deviceid - temp}
{
“deviceid” : “iot123”,
“temp” : 54,
“humidity” : 32,
“coords” : {
“latitude” : 47.615694,
“longitude” : -122.3359976
},
“a” : {
“another_level” : {
{“b” : 3},
{“b” : 5}
}}
}
SAMPLE PAYLOAD

15. AWS IoT – SQL Reference
SELECT DATA FROM TOPIC WHERE FILTER
Token Meaning Example
= Equal, comparison color = 'red'
<> Not Equal, comparison color <> 'red'
AND Logical AND color = 'red' AND siren = 'on'
OR Logical OR color = 'red' OR siren = 'on'
() Parenthesis, grouping color = 'red' AND (siren = 'on' OR isTest)
+ Addition, arithmetic 5 + 3
- Substitution, arithmetic 5 - 4
/ Division, arithmetic 8 / 2

16. AWS IoT – SQL Reference
SELECT DATA FROM TOPIC WHERE FILTER
Token Meaning Example
< Less than, comparison color = 'red'
<= Less than or equal color <> 'red'
> Greater than, comparison color = 'red' AND siren = 'on'
>= Greater than or equal color = 'red' OR siren = 'on'
CASE …
WHEN …
THEN …
ELSE …
END
Case statement CASE location
WHEN 'home’
THEN 'off'
WHEN 'work’
THEN 'on' ELSE 'silent' END

17. AWS IoT – SQL Reference
SELECT DATA FROM TOPIC WHERE FILTER
• Properties from the JSON Object in the payload
• “.” Operator
• “..” Operator
• “*” Operator
• Apply functions to attribute value

18. AWS IoT Rules Engine Actions
RULES ENGINE
Transform messages
based on rules and
route to AWS Services
AWS Services
- - - - -
3P Services
AWS Services
- - - - -
3P Services

19. 1. AWS Services
(Direct Integration)
Rules Engine
Actions
AWS IoT Rules Engine
AWS
Lambda
Amazon
SNS
Amazon
SQS
Amazon
S3
Amazon
Kinesis
Amazon
DynamoDB Amazon RDS
Amazon
Redshift
Amazon Glacier
Amazon
EC2
3. External Endpoints
(via Lambda and SNS)
Rules Engine connects AWS
IoT to External Endpoints and
AWS Services.
2. Rest of AWS
(via Amazon Kinesis, AWS
Lambda, Amazon S3, and
more)

20. AWS IoT Rules Engine
Rules Engine evaluates inbound
messages published into AWS
IoT, transforms and delivers to the
appropriate endpoint based on
business rules.
External endpoints can be
reached via Lambda and Amazon
Simple Notification Service
(Amazon SNS).
Invoke a Lambda function
Put object in an S3 bucket
Insert, Update, Read from a
DynamoDB table
Publish to an SNS Topic
or Endpoint
Publish to an Amazon Kinesis
stream
Actions
Publish to Amazon Kinesis
Firehose
Republish to AWS IoT

21. AWS IoT to AWS Lambda to and External Endpoint
Lambda Function
Rules Engine
PolicyPrivate Key
& Certificate
Thing/Device
Rule
SDK
AWS IoT AWS Services
Execution
Role
Policy
External Endpoint
Permission
Select * from ‘iotbutton/+’
Action

22. AWS IoT to Amazon DynamoDB to Dashboard
DynamoDB Table
Rules Engine
PolicyPrivate Key
& Certificate
Thing/Device
Rule
SDK
AWS IoT AWS Services
Policy
Dashboard
IAM
Role
Select * from ‘iotbutton/+’
Action
DynamoDB S3 Website

23. AWS IoT Rules Engine for Machine Learning
Anomaly Detection
Amazon Machine Learning can feed predictive evaluation criteria to the Rules Engine
Continuous Improvement Around Predication
Continuously look for outliers and re-calibrate the Amazon Machine Learning models
Send to S3
Amazon
Machine
Learning
Re-Train
S3

24. AWS IoT Rules Engine & Stream Data
N:1 Inbound Streams of Sensor Data (Signal to Noise Reduction)
Rules Engine filters, transforms sensor data then sends aggregate to Amazon Kinesis
Amazon Kinesis Streams to Enterprise Applications
Simultaneously stream processed data to databases, applications, other AWS
Services
Ordered Stream
Amazon
Kinesis

25. In this session, we are going to dive deep
RULES ENGINE
Transform messages
based on rules and
route to AWS Services
DEVICE SHADOW
Persistent thing state
during intermittent
connections

26. AWS IoT Device Shadow
Shadow
Virtual representation
of your device in the
cloud
• Device State
• desired
• reported
• Device metadata
• Sensors
• Version
• clientToken
• timestamp

27. AWS IoT Shadow Flow
Shadow
Device SDK
1. Device Publishes Current State
2. Persist JSON Data Store
3. App requests device’s current state
4. App requests change the state
5. Device Shadow sync’s
updated state
6. Device Publishes Current State
7. Device Shadow confirms state change
AWS IoT

28. AWS IoT Device Shadow Topics (MQTT)
Thing SDK (C-SDK, JS-SDK)
makes it easy for you build shadow
functionality into your device so it
can automatically synchronize the
state with the device.
AWS IoT Thing Shadow
UPDATE: $aws/things/{thingName}/shadow/update
DELTA: $aws/things/{thingName}/shadow/update/delta
GET: $aws/things/{thingName}/shadow/get
DELETE: $aws/things/{thingName}/shadow/delete
Sensor Reported Desired Delta
LED1 RED YELLOW
LED1 =
Yellow
TEMP = 60F
ACCEL X=1,Y=5,Z=4 X=1,Y=5,Z=4
TEMP 83F 60F

29. Thing Shadow – Document Format
{
“state”: {
“desired” : {
“color”: “RED”,
“sequence” :
[
“RED”,
“GREEN”,
“BLUE”]
},
“reported” : {
“color” :
“GREEN”
}
}
“metadata” : {
“desired” : {
“color” : {
“timestamp” : 12345
},
“sequence” : {
“timestamp” : 12345
}
},
},
“version” : 10,
“clientToken” : “Unique-client-token”,
“timestamp” : 123456
}

30. Demo: Avnet Broadcom WICED

33. Automatically clean when lights go off (night time)
desired: {
“status”: “RUNNING”
}
shadow/update update/accepted
Republish vacuum/shadow/update
vacuum/update/delta
reported: {
“AmbientLightValue”: 55
}
Rules Engine
Shadow
Shadow
One sensor automatically triggering the other device!
Select * from $/update/accepted where
AmbientLightValue <100

34. Automatically clean when lights go off (night time)
desired: {
“status”: “RUNNING”
}
shadow/update update/accepted
Republish vacuum/shadow/update
vacuum/update/delta
reported: {
“AmbientLightValue”: 55
}
Rules Engine
Shadow
Shadow
One sensor automatically triggering the other device!
Select * from $/update/accepted where
AmbientLightValue <100

35. Turn Off Automatic Cleaning At Night or Trigger
Manually using the Mobile App
Android App
UpdateThingShadow
Desired: {
“status”: “RUNNING”
}
$aws/things/light/update
$a/vacuum/update/delta
Shadow
Shadow

36. AWS IoT
DEVICE SDK
Set of client libraries to
connect, authenticate and
exchange messages
DEVICE GATEWAY
Communicate with devices via
MQTT and HTTP
AUTHENTICATION
AUTHORIZATION
Secure with mutual
authentication and encryption
RULES ENGINE
Transform messages
based on rules and
route to AWS Services
AWS Services
- - - - -
3P Services
DEVICE SHADOW
Persistent thing state
during intermittent
connections
APPLICATIONS
AWS IoT API
DEVICE REGISTRY
Identity and Management of
your things

37. Thank you!

38. Remember to complete
your evaluations!