This demo application connects to AWS MQTT broker using TLS with mutual authentication between the client and the server. It demonstrates the subscribe-publish workflow of MQTT.
Visit coreMQTT mutual authentication demo for further information.
Please note, that properly configured thing is required to successfully run the demo application.
- NXP IMXRT1050-EVKB Board (
target-type: IP-Stack, using FreeRTOS+TCP over Ethernet) - STMicroelectronics B-U585I-IOT02A Board (
target-type: WiFi, using on-board WiFi module) - Arm Virtual Hardware for Corstone-300 (
target-type: AVH, using VSocket)
Configure AWS IoT Thing:
- Modify the following definitions in aws_clientcredential.h:
clientcredentialMQTT_BROKER_ENDPOINT: Remote Host Address (AWS IoT->Settings in AWS IoT console)clientcredentialIOT_THING_NAME: Thing Name (AWS IoT->Manage->Things->Name in AWS IoT console)
- Modify the following definitions in aws_clientcredential_keys.h:
keyCLIENT_CERTIFICATE_PEM: Client CertificatekeyCLIENT_PRIVATE_KEY_PEM: Client Private Key
Configure WiFi Access Point (when connecting via WiFi):
- Modify the following definitions in socket_startup.c:
SSID: WiFi Access Point SSIDPASSWORD: WiFi Access Point PasswordSECURITY_TYPE: WiFi Access Point Security
- Prerequisites:
- CMSIS-Toolbox 1.1.0 or later
- Arm Compiler 6.18 or later
- CMSIS packs listed in Demo.csolution.yml
- Create
.cprjproject usingcsolution:
csolution convert -s Demo.csolution.yml -c Demo.<build-type>+<target-type><build-type>: Debug | Release<target-type>: IP-Stack | WiFi | AVH
- Build
.cprjproject usingcbuild:
cbuild Demo.<build-type>+<target-type>.cprj
- Connect and configure the debugger.
- Run the application and view messages in a debug printf or terminal window.
Note: click on Target links above for target specific information.
MQTT messages can be viewed in the AWS IoT console.
To build and run this application with a CI workflow on GitHub the following steps are required. For details refer to Run AMI with GitHub Actions.
-
Amazon Web Service (AWS) account with:
- Amazon EC2 (elastic cloud) access
- Amazon S3 (storage) access
- Registration to access AVH Amazon Machine Image AVH AMI
- User role setup for scripted API access
-
GitHub:
- Fork this repository with at least Write access rights
- Store the AWS account configuration (obtained in step 1) as GitHub Secrets - AWS Access values in the forked repository
-
AWS IoT Thing:
- Use the AWS IoT console to create a thing, download its certificates, create a policy, and attach the policy to the thing
- Store this configuration as GitHub Secrets - IoT Cloud Access values in the forked repository
GitHub Secrets - Values
The following (secret) configuration values need to be added to the repositories Secret store:
| Secret Name | Description |
|---|---|
| AWS Access | Settings and credentials to access AWS services for running Arm Virtual Hardware |
AWS_IAM_PROFILE |
The IAM Instance Profile associated with the AVH EC2 instance granting it access to required AWS resources. |
AWS_ASSUME_ROLE |
The AWS access role to be assumed for AWS access. |
AWS_S3_BUCKET_NAME |
The name of the S3 storage bucket to be used for temporary data storage by Arm Virtual Hardware. |
AWS_DEFAULT_REGION |
The data center region for running new AVH AMI. For example eu-west-1. |
AWS_SECURITY_GROUP_ID |
The id of the VPC security group to add the EC2 instance to. Shall have format sg-xxxxxxxx. |
AWS_SUBNET_ID |
The id of the VPC subnet to connect the EC2 instance to. Shall have format subnet-xxxxxxxx. |
| IoT Cloud Access | Settings and credentials required to connect an AWS IoT Thing |
CLIENT_CERTIFICATE_PEM |
Client (device) certificate |
CLIENT_PRIVATE_KEY_PEM |
Client (device) private key |
IOT_THING_NAME |
Client (device) name |
MQTT_BROKER_ENDPOINT |
MQTT broker host name |
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent