20180327 AWS Black Belt Online Seminar AWS IoT におけるデバイス管理

7 8 ,1. 1 /1 8/ 22 1 3 1 1 10
W c d
I S ehf ab
AWS Black Belt Online Seminar
, A T g

1 18 ..121 8 22 1 08 ,
na i
e ( L TW
L TW
b KA d
) S I
) ( ) , / /
mh

1 18 ..121 8 22 1 08 ,
, 8: , E 3B B A B8D
1 : O a I c a e m rJW
& L
n J o W b c
0C E:
( ) L
iJtl do J
& . 28A9 8 E:
a~ ORT cR S
e m rJ lhk J ie
// . . / . /. -.

1 18 ..121 8 22 1 08 ,
• u )t (s j nl Mca S b
/. hiojgm 7 0 A 0 0 2 W
• y S Mdb /. hiojgm
w /. hiojgm f W b
• b su v M z q prf e w
f W b
/. 3 A 18 38 82 C A /. 828 8A C1:82: 0 08:01: 0 3 8A AC1 2 270 8 022 30 2 8 7 7 /. ,CA 0 08:01:
0 7 0 A 0 0 2 0 828 8 0 8 8 2:C3 3 8 78A 3 2C 8A 83 3 : 0A 0 A 8 0 CA0 270 A /. A 82 A
10A 3 2 08 8 0 8 70 C 70 83 3 7: 270 A 8:: 1 10A 3 C 02 C0: CA /. A 82 A 0 3 0 0 7 A 8 0 A
83 3

1 18 ..121 8 22 1 08 ,
C
r
o a/T / C
IWS =
o
s t t I
C
W C C WS P
o AC

1 18 ..121 8 22 1 08 ,
•
•
•

1 18 ..121 8 22 1 08 ,
/
• I a B
• = B
de W g h c C wy
t A R G Si a E
) = ( Ca t T sn wy
r A P E Rl S
• / / M yo 2

1 18 ..121 8 22 1 08 ,
•
• ) (
https://docs.aws.amazon.com/ja_jp/iot/latest/developerguide/device-certs-your-own.html#create-
device-cert

1 18 ..121 8 22 1 08 ,
A C
) I
• )
• )
)
• )
• (
• (
• )
• (
• (
/
/
C
=
A

1 18 ..121 8 22 1 08 ,
/ /
IJ P
P A a S
P A A a e
W cT

1 18 ..121 8 22 1 08 ,
+ a g Co
-
- A
.
RW T T IC A
- < - /
A S ED
T $ > - <-
https://aws.amazon.com/jp/blogs/news/new-just-in-time-certificate-registration-for-aws-iot/
a c / /
Ag lnI R
T i
) - (k
e AT
JD V Tm E
hb
{
"certificateId": "",
"caCertificateId": "",
"timestamp": "",
"certificateStatus": "PENDING_ACTIVATION",
"awsAccountId": "",
"certificateRegistrationTimestamp": ""
}

1 18 ..121 8 22 1 08 ,
https://github.com/aws-samples/aws-iot-examples/blob/master/justInTimeRegistration/deviceActivation.js
Policy template
Create Policy
attach Policy
activate
Just in time registration A

1 18 ..121 8 22 1 08 ,
/ /
H :
B H
Amazon
DynamoDB
AWS IoT
AWS IoT Amazon
DynamoDB
AWS
Lambda
response/topic
policy
mqtt topic
HTTP request
AWS
Lambda
devicedevice
Amazon API
Gateway

1 18 ..121 8 22 1 08 ,
oiCu T
. ) W
• . ) A ) S A
W A I J
W
• a T A S v S
gumtCsv T r m
2 24 /
• lne 33 2 . S S B
W A cf dpCm A
S12 2 PI a
/ 4
• T 1S y

1 18 ..121 8 22 1 08 ,
B
- ) sn p J sn
• t lJ J 2 3 ) u I
l J D
• sn e m
2 24 12 2
• t W 2 C
roJ l g l IT J
• - ) I r J t
2 1
• e c t J A e SJ e
a i J D

1 18 ..121 8 22 1 08 ,
- e
re
u
hu h I
t
S
W ibl M
3 k M T sc
A M n
A p
o
2,

8.A 9 ,2 2 02 90 . 2 5 2 2 21
,
IoT certificate
Amazon S3
Amazon
DynamoDB
IAM RolePermissions
IoT thing
Control via IoT/MQTT
Data via HTTPS
e.g.,
Streaming video (CCTV)
Telemetry upload (Sensors)

1 18 ..121 8 22 1 08 ,
9
3)1 32
32
3)
32 21
))
1
e.g) wget tempolay I
wget
--private-key= private.pem.key
--certificate= certificate.pem.crt
--ca-directory= AmazonRootCA1.pem
https://<your_info>.credentials.iot.us-west-2.amazonaws.com:443/role-aliases/<2
alias>/credentials
https://docs.aws.amazon.com/ja_jp/iot/latest/developerguide/authorizing-direct-aws.html
5 0 5 . 5
)Credential A 2) CreateRoleAlias API (900-3600 )

1 18 ..121 8 22 1 08 ,
X.509
Certificate
AWS SigV4 Instances
Corporate data
center
Key/token
IoT thing
lightbulb
IAM
Lambda
function
AWS IoT
https://aws.amazon.com/jp/blogs/security/how-to-use-your-own-identity-and-access-management-systems-to-control-access-to-
aws-iot-resources/

1 18 ..121 8 22 1 08 ,
) -
) - P - )
) ) >
G T >= >=

1 18 ..121 8 22 1 08 ,
(7
• (7 T G
• (7 eg )2 7-7 1: G
• ,12 0 (7 a
• eg PH L hT
• c - 2 7 7 H h G
• (7 H P
• eg eg
• PH 2 :

1 18 ..121 8 22 1 08 ,
W aAb W S
W aAbu
18 b Ai
poy
) / 2 5
( shadow )
42 h W Sad nbmAl IB
hl 513 ws B
ws D (-2 t
18
T
K BIad a ne An

1 18 ..121 8 22 1 08 ,
lh uo uW
35 B A=53 bd
• w Wa ln i 35 BeA=53 Sd
d
• I ( I , 3: , B .3: 53 yD
35 B A=53
• Dit ms W = Sd D )
d
• T ypt r
20 1W D, 3: ,
• 0 35 B e L P

1 18 ..121 8 22 1 08 ,
<67 P J
aP d
46= 7 = A76 4 7
d
64A7T =
I
= G =5S
A4A S
( 1 46= 64A7
WT 0.
) b S
31 .=2 b

1 18 ..121 8 22 1 08 ,
4cpSa 5 3D
1 / ee d bb yl ba ot6 5 D6 D 4 66 6 _hu
$ 3 D D K 4D 355
cD 4D5C 4
3 D D K 4D
4 D
4f{cjr
4 Pb kg
$ D 4D5C 4 c5 D
( 3 D D K 4D J I
cD 4D5C 4
) 4sn
) J I 4 jr ba
7) $aws/things/{thing }/jobs/{job-
id}/update
publish
pS 4ckg
- 2 C DD 1 55 DD
vxjr
wm ai ( D 4D5C 4 Cc
I
job A

1 18 ..121 8 22 1 08 ,
•
J
•
J :
b Job 90 90 list i
m Job z c nAPI S g vW o
job dfael r I Jobb scriptI hs jobb fael
t A

1 18 ..121 8 22 1 08 ,
+ Tcados" (#
+ { os
) hg imd mb ) - u }i j
-3 u
+ S 1 / A / 3 A S
S e e 1 1W
/ $ np 1 3 1 r w
" tI # J

1 18 ..121 8 22 1 08 ,
)
) J
3 A >A2 ( =/ 1 I A J
> A J
c f
Thing / Thing Group
Task documentI
SW Job dIJSON
I AS3 e
gI
ba I f

1 18 ..121 8 22 1 08 ,
C Y dg u $ $
H E N_DH A P n U C NaT DH A
GCD wtb rS_
GCD I G B / C / ) HD G
ps CBicM h wtbO JDH A GC GCD Jjelb t
{ "status": "IN_PROGRESS", "statusDetails": { "progress": "0%" }, "expectedVersion":"",
"clientToken":"" }
C b RUOo / 1 )33b3 ))()( R DH A S_
statusDetails
device
A

1 18 ..121 8 22 1 08 ,
T W I
S I A
A

1 18 ..121 8 22 1 08 ,
6 J
Shadow
Device SDK
6
7 3
5
O N 6 6
O N 6
O
1 2
S
3 O N . 6
O
6
6
1 2 4
AWS IoT

1 18 ..121 8 22 1 08 ,
N
1
1 0
0 0
,
01 "
" pe d N g
N a
io :
g a
N l
N , 1 0 nF0 0
O

1 18 ..121 8 22 1 08 ,
F :
"engine" : ”OFF”
01 1
0
, ,
1
, ,
0 , "

1 18 ..121 8 22 1 08 ,
:
"engine" : ”ON”
01 1
0
, ,
1
, ,
0 , "

1 18 ..121 8 22 1 08 ,
, :
"engine" : "ON”
1
1 0
0 0
,
01 "

1 18 ..121 8 22 1 08 ,
) ( :
"engine" : "ON”
(
) ,1 )
,
"
1 0 1 )
,
"
) (
,
"
1 ,

1 18 ..121 8 22 1 08 ,
1 0 0 02:
“temp" : 20
12 2
1 0
2 ,
5
0 02
2 ,
5
5
01 "
5
IoT thing
thermostat
e.g)

1 18 ..121 8 22 1 08 ,
2 1 1 0 1 :
“temp" : 25
5
2 5
2 1 5
0
1 0 1 5
0
, 5
0
12 "
IoT thing
thermostat

1 18 ..121 8 22 1 08 ,
/ n i
sg v / ) c sg
obhu a bpw
t $ ) Srl e
/ v
) / /
$ / df / g
m

1 18 ..121 8 22 1 08 ,
JRO E 588 8 =
MP K ,0 ,0 ,0 D
JRO E 588 QL FTS
AWS IoT Thing Shadow
/ A 1 :1
A 1 :1 1
A 1
A 1 1
: 1 1
6-, -113
1-, C
8- 4 ($$
) (
https://docs.aws.amazon.com/ja_jp/iot/latest/developerguide/device-shadow-mqtt.html

1 18 ..121 8 22 1 08 ,
)In=d
( G= a svG rI
= = b = pi m
, ( S fG J tI
( h m ( w
( e om G h u
n> m G

1 18 ..121 8 22 1 08 ,
?G
A? I
Gateway/Edge Computer
Thing
Thing
Thing
mqtt
BLE etc
?
/

1 18 ..121 8 22 1 08 ,
l b S to O
0 1 65 5 s
• W ul , 11 -- 1 N
E
• W 9 365:
p ul
W p ul
• ul i W A CTNE
m A b I h AMQ
https://docs.aws.amazon.com/ja_jp/general/latest/gr/aws_service_limits.html#limits_iot

1 18 ..121 8 22 1 08 ,
if
(
h n
g
) ( m

1 18 ..121 8 22 1 08 ,
I
AWS
• http://aws.amazon.com/jp/aws-jp-introduction/
• S I Q&AW A
• http://aws.typepad.com/sajp/

, 8 0 0 .0 8. 11 , 0 2 0 0 0/
@awscloud_jp
cA TWS cAFde cA
F W W c b I
http://on.fb.me/1vR8yWm
0 ,.0
c Fa I

1 18 ..121 8 22 1 08 ,
l An c i
AWS S l fn Abh e g
m A o W A i
https://aws.amazon.com/jp/contact-us/aws-sales/
AWS n c ad I

:/ . 0 - 71 1 7 447 7/ 7 2
.- . 1 7 1 2 l it e zW
• . 1 7 1 2 aI bI ShQ vsl n S j
.-u m Sw f l
e
/ / 1 A2 1 : / 1 7 1 2 1 A 7 , 8 :
• pc
• rd go

20180327 AWS Black Belt Online Seminar AWS IoT におけるデバイス管理

Recommended

Recommended

More Related Content

More from Amazon Web Services Japan

More from Amazon Web Services Japan (20)

Recently uploaded

Recently uploaded (20)

20180327 AWS Black Belt Online Seminar AWS IoT におけるデバイス管理