Pradeep Singh | 5th Mar 2017
The AWS IoT platform provides secure, bi-directional communication between Internet-connected things (such as sensors, actuators, embedded devices, or smart appliances) and the AWS cloud.
The following diagram shows the high-level architecture of AWS IoT Platform with its components –
High-level Components on AWS IoT:
The following are the high-level components of the AWS IoT platform:
1. Device gateway and MQTT Broker
2. Rules Engine
3. Registry (Things, Shadow and Shadow Service)
4. Security and Identity (Certificates and Policies)
Here is a brief description of each of these components:
1.1 Device Gateway and MQTT Broker:
Device Gateway enables devices to securely and efficiently communicate with AWS IoT.
Things report their state by publishing messages, in JSON format, on MQTT topics. When a message is published on an MQTT topic, the message is sent to the AWS IoT MQTT message broker, which is responsible for sending all messages published on an MQTT topic to all clients subscribed to that topic.
1.2 Rules Engine:
Using the Rules Engine, your things can interact with AWS and other web services. Rules are analyzed and actions are performed based on the messages sent by your things. You can use a SQL-based language to select data from message payloads, then process and send the data to other services, such as Amazon S3, Amazon DynamoDB, and AWS Lambda.
1.3 Registry (Things, Shadow and Shadow Service):
The Registry organizes the resources associated with each thing. You register your things and associate up to three custom attributes with each thing.
Thing Shadow is a JSON document that is used to store and retrieve current state information for a thing. Thing Shadow service provides persistent representations of your things in the AWS cloud. This service keeps the Thing State synchronized with your device.
1.4 Security and Identity:
AWS IoT uses TLS 1.2 with certificate-based authentication. You can create certificates from the AWS IoT Console or upload your own certificates to connect your devices to the AWS IoT platform.
AWS IoT policies give things permission to access AWS IoT resources (like other things, MQTT topics, or thing shadows). Policies are checked for each and every MQTT operation like connect, publish, subscribe, receive; and shadow operations like get, update and delete.
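Because a policy is evaluated on every connect, publish, subscribe, receive and shadow operation, an over-broad policy lets any device holding a valid certificate act on other things' topics and shadows. The following is an added example, not code from the original post or from AWS: a small audit function (`audit_policy`, a hypothetical name) run over two constructed policies, one broad and one scoped to the connecting thing. The account id, region and `sensors/` topic prefix are placeholders.

```python
import json

# Constructed sample policies; account id, region and topic names are placeholders.
ARN = "arn:aws:iot:us-east-1:123456789012:"
# AWS IoT policy variable: resolves to the thing name of the connecting client.
# Assumes the certificate is attached to a thing and the client id is the thing name.
THING = "${iot:Connection.Thing.ThingName}"

# Weak: every IoT action on every resource.
BROAD = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "iot:*", "Resource": "*"}]}

# Scoped: each operation is limited to the device's own client id, topics and shadow.
SCOPED = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "iot:Connect",
     "Resource": ARN + "client/" + THING},
    {"Effect": "Allow", "Action": ["iot:Publish", "iot:Receive"],
     "Resource": ARN + "topic/sensors/" + THING + "/*"},
    {"Effect": "Allow", "Action": "iot:Subscribe",
     "Resource": ARN + "topicfilter/sensors/" + THING + "/*"},
    {"Effect": "Allow", "Action": ["iot:GetThingShadow", "iot:UpdateThingShadow"],
     "Resource": ARN + "thing/" + THING}]}


def _as_list(value):
    # Policy fields may hold a single value or a list of values.
    return value if isinstance(value, list) else [value]


def audit_policy(policy):
    """Return (statement index, issue) pairs for over-broad Allow statements."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        for action in _as_list(stmt.get("Action", [])):
            if action in ("*", "iot:*"):
                findings.append((i, "wildcard action " + action))
        for resource in _as_list(stmt.get("Resource", [])):
            # ARN layout: arn:partition:service:region:account:type/name
            tail = resource.split(":", 5)[-1]
            _, _, name = tail.partition("/")
            if resource == "*" or name == "*":
                findings.append((i, "wildcard resource " + tail))
    return findings


if __name__ == "__main__":
    for label, policy in (("broad", BROAD), ("scoped", SCOPED)):
        print(label, json.dumps(audit_policy(policy)))
```
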
The following documents from Amazon may help you understand this platform –