参考文档

https://docs.amazonaws.cn/en_us/greengrass/v2/developerguide/quick-installation.html?icmpid=docs_gg_console

过程记录

准备自动化安装过程中IAM需要的必要权限
https://docs.amazonaws.cn/en_us/greengrass/v2/developerguide/provision-minimal-iam-policy.html

本地用配置好的aws cli确认当前的IAM user

aws sts get-caller-identity

来到IAM控制台中先创建一个policy. 注意替换account-id为自己的账号ID, GreengrassV2TokenExchangeRole如果修改的话, 需要与后面安装过程中在--tes-role-name后面指定的名称一致(其实不用改, 后面不加参数默认用的就是这个名字). 另外注意此处内容中的arn:aws-cn与文档中写的arn:aws不一样, 注意修改

{"Version": "2012-10-17","Statement": [{"Sid": "CreateTokenExchangeRole","Effect": "Allow","Action": ["iam:AttachRolePolicy","iam:CreatePolicy","iam:CreateRole","iam:GetPolicy","iam:GetRole","iam:PassRole"],"Resource": ["arn:aws-cn:iam::account-id:role/GreengrassV2TokenExchangeRole","arn:aws-cn:iam::account-id:policy/GreengrassV2TokenExchangeRoleAccess"]},{"Sid": "CreateIoTResources","Effect": "Allow","Action": ["iot:AddThingToThingGroup","iot:AttachPolicy","iot:AttachThingPrincipal","iot:CreateKeysAndCertificate","iot:CreatePolicy","iot:CreateRoleAlias","iot:CreateThing","iot:CreateThingGroup","iot:DescribeEndpoint","iot:DescribeRoleAlias","iot:DescribeThingGroup","iot:GetPolicy"],"Resource": "*"},{"Sid": "DeployDevTools","Effect": "Allow","Action": ["greengrass:CreateDeployment","iot:CancelJob","iot:CreateJob","iot:DeleteThingShadow","iot:DescribeJob","iot:DescribeThing","iot:DescribeThingGroup","iot:GetThingShadow","iot:UpdateJob","iot:UpdateThingShadow"],"Resource": "*"}]
}

将policy应用到aws cli关联使用的用户

SSH到树莓派

# 安装jre(11)
sudo apt install -y default-jre# 创建用户
sudo useradd --system --create-home ggc_user
sudo groupadd --system ggc_group# 修改cgroups启动参数
sudo vi /boot/cmdline.txt
# 在末尾追加下面内容
cgroup_enable=memory cgroup_memory=1 systemd.unified_cgroup_hierarchy=0# 改完重启
sudo reboot# 重启后使用上面配置好IAM policy的user的AK/SK信息配置系统环境变量
export AWS_ACCESS_KEY_ID=xxxx
export AWS_SECRET_ACCESS_KEY=xxxx# 下载安装包
cd ~
curl -s https://d2s8p88vqu9w66.cloudfront.net/releases/greengrass-nucleus-latest.zip > greengrass-nucleus-latest.zip && unzip greengrass-nucleus-latest.zip -d GreengrassCore# 检查安装包内的GreenGrass版本信息
java -jar ./GreengrassCore/lib/Greengrass.jar --version
# AWS Greengrass v2.5.6# 执行安装
sudo -E java -Droot="/greengrass/v2" -Dlog.store=FILE -jar ./GreengrassCore/lib/Greengrass.jar --aws-region cn-north-1 --thing-name GreengrassRaspberryPi  --component-default-user ggc_user:ggc_group --provision true --setup-system-service true --deploy-dev-tools true

安装过程中输出内容:

Provisioning AWS IoT resources for the device with IoT Thing Name: [GreengrassRaspberryPi]...
Found IoT policy "GreengrassV2IoTThingPolicy", reusing it
Creating keys and certificate...
Attaching policy to certificate...
Creating IoT Thing "GreengrassRaspberryPi"...
Attaching certificate to IoT thing...
Successfully provisioned AWS IoT resources for the device with IoT Thing Name: [GreengrassRaspberryPi]!
Setting up resources for aws.greengrass.TokenExchangeService ...
TES role alias "GreengrassV2TokenExchangeRoleAlias" does not exist, creating new alias...
TES role "GreengrassV2TokenExchangeRole" does not exist, creating role...
IoT role policy "GreengrassTESCertificatePolicyGreengrassV2TokenExchangeRoleAlias" for TES Role alias not exist, creating policy...
Attaching TES role policy to IoT thing...
No managed IAM policy found, looking for user defined policy...
No IAM policy found, will attempt creating one...
IAM role policy for TES "GreengrassV2TokenExchangeRoleAccess" created. This policy DOES NOT have S3 access, please modify it with your private components' artifact buckets/objects as needed when you create and deploy private components
Attaching IAM role policy for TES to IAM role for TES...
Configuring Nucleus with provisioned resource details...
Downloading Root CA from "https://www.amazontrust.com/repository/AmazonRootCA1.pem"
Created device configuration
Successfully configured Nucleus with provisioned resource details!
Creating a deployment for Greengrass first party components to the device
Configured Nucleus to deploy aws.greengrass.Cli component
Creating user ggc_user
ggc_user created
Creating group ggc_group
ggc_group created
Added ggc_user to ggc_group
Successfully set up Nucleus as a system service

安装成功后即可在Amazon IoT控制台中看到设备的状态:

树莓派 + AWS IoT Greengrass相关推荐

云中树莓派（5）：利用 AWS IoT Greengrass 进行 IoT 边缘计算
云中树莓派(5):利用 AWS IoT Greengrass 进行 IoT 边缘计算云中树莓派(1):环境准备云中树莓派(2):将传感器数据上传到AWS IoT 并利用Kibana进行展示云中树 ...
利用 Amazon IoT Greengrass 在边缘 DIY 自动浇花系统
曾经有这样一则新闻,一男子智能养鱼遇断网,4万余斤鱼或因缺氧死亡.这个塘主通过手机App监控鱼塘情况并利用智能插座控制增氧机进行增氧:但因遇到网络故障,无法及时为鱼塘启动增氧设备而造成重大经济损失.这 ...
Amazon---IoT--Android和iOS上的实践，通过MQTT协议连接AWS IoT，并订阅和推送消息
因为公司有一个物联网项目需要使用到亚马逊到AWS-IOT服务,通过iot服务来控制物联网设备,国内和国外都没什么人用,连google都极少有跟这个有关帖子,所以做一个踩坑总结: 先放一个官方博客关于A ...
AWS IoT Core 资源
https://amazonaws-china.com/cn/iot-core/resources/ 文档开发人员指南 PDF 版本或 HTML 版本 AWS CLI 参考 AWS IoT ...
aws iot 连接时间_AWS IoT Core 定价
定价一览连接连接用于在您的设备与 AWS IoT Core 之间提供经验证的安全连接.连接按 1 分钟的增量进行计量,基于您的设备连接到 AWS IoT Core 的总时间. 例如,在美国东部(弗 ...
启明云端esp32开发板直连亚马逊AWS IOT平台实例控制灯泡演示
ESP32通过AWS IOT物联网平台接入物联网,Alexa亚马逊音箱触发Lambda对乐鑫ESP32进行控制,实现ESP32接入Alexa亚马逊音箱. 登录亚马逊AWS IOT Core后台,可以创 ...
亚马逊AWS IoT
亚马逊AWS IoT 原文链接:http://www.cnblogs.com/ibrahim/p/amazon-aws-iot.html 平台定位 AWS IoT是一款托管的云平台,使互联设备可以轻松 ...
玩转亚马逊 AWS IoT(1): IoT 业务梳理
文章目录 1 亚马逊 IoT 服务简介 2 账号与费用 2.1 IoT 服务费用 2.2 注册账号 3 亚马逊 IoT 系统关系图 4 亚马逊 AWS IoT 接入流程 5 IoT 网络交互图 1 亚 ...
AWS IOT C++ SDK 使用
测试在Linux环境下使用makefile. 使用的是openssl 作为mqtt的网络实现. C++ SDK samples 中PubSub.cpp写的很清楚该怎么用. 本文主要讲怎么把我们想要的部 ...
AWS IoT 物联网设备 - 即时部署 JITP 实战
为了保证通信的安全性,IoT 设备与 AWS IoT Core 的 MQTT 通信使用基于证书的 TLS 1.2 双向认证体系. 利用即时注册(JITR)功能,可以快速的进行设备证书注册及设备上线.但 ...

树莓派 + AWS IoT Greengrass

参考文档

过程记录

树莓派 + AWS IoT Greengrass相关推荐

最新文章

热门文章