Getting started with Amazon IoT button (Part II)

Amazon IoT button
AWS IoT button

In the first part of this Getting started with IoT button post, we configured the WiFi connection and set up certificates for secure communication with AWS cloud. The data sent with every button press looks like that:

{"serialNumber": "G030JF05XXXXXXXX","batteryVoltage": "1592mV","clickType": "SINGLE"}

Besides sending, the device has to do operations with this data like publishing it on a MQTT topic. Since all actions in AWS are tightly controlled for security purposes, the device needs a permission to perform actions. Policy is a form of such permission.


Create a policy

Creating a policy starts with clicking Create a resource and choosing Create a policy tab.

Create AWS IoT policy
Create AWS IoT policy

In order to publish to a particular topic, select iot:Publish action (it is easy to find it in the drop-down list after typing the first few letters). The content of the resource field depend on the selected action.  Since we selected Publish, we need to provide topic identifier as a resource (read more about resources and topics here). Resources follow somewhat complex naming convention:

arn:aws:iot:your-region:your-aws-account:topic/iotbutton/your-button-serial-number

This is similar to the REST API endpoint, since it contains your AWS account number (endpoint subdomain) and region (for example, us-east-1). We already used the serial number as well when setting up WiFi access. With all previously collected info, it is easy to create the correct ARN:

arn:aws:iot:us-east-1:xxxxxxxxxxxx:topic/iotbutton/G030JF05XXXXXXXX

Check the Allow box, click on Add statement  (single policy can contain multiple statements) and Create.  The policy is now visible in the list of resources.


Attach the policy and the thing to the device certificate

In order to work properly, the newly created policy has to be attached to the device certificate. Also, the certificate should be associated with the thing we created in the first part. To perform this association, select the certificate in the resource list and click on Actions menu. Attach both the policy and the thing to the certificate. The certificate is finally complete!

Attach policy & thing to the certificate
Attaching the policy & thing to the certificate
IoT policy properties
IoT policy properties after attachments

 

 

 

 

 

 

 

If you press a button on the device at this point, it will send the data and publish it to the iotbutton topic. LED indicator should turn solid green for several seconds, indication successful publish outcome. As a test, try to detach the policy – the LED will flash red. Also try detaching the thing. Surprisingly, the thing really does not make a difference – even without it the message is published.

You can subscribe to a topic and receive messages by using the MQTT client built into AWS IoT or with the standalone application like MQTT.fx (more MQTT clients here). Subscribe to the iotbutton/G030JF05XXXXXXXX topic to view messages for a specific device or iotbutton/+ if you have multiple buttons.


Create and configure a rule

AWS IoT can perform actions when a messages is published through the use of rules. Creating a rule is similar to creating any other resource. In the Create rule dialog, fill in the name and description fields first. We need to create an SQL query that will be used to monitor published messages. This is done by specifying the Attribute field and the Topic filter. Since we are interested in the IoT button topic, type in the familiar iotbutton/G030JF05XXXXXXXX. Attribute can be a specific field of the payload, such as clickType or batteryVoltage, but we can also use  for all fields. Condition is not required and can be left blank, unless we want to trigger the rule only when battery voltage falls below a certain threshold, for example.

 

Create a rule dialog
Create a rule dialog

Finally, we need to select an action from the expansive list of available actions. We are currently interested in the sending a text message or an email as the click notification, so select the SNS service.

Select action from AWS services
Select an action from the list of AWS services

We have not selected any targets for the notification. Let’s follow Create a new resource link to create a target for the AWS Push Notification Service (SNS). Targets for the rules are called topics in the SNS parlance.


Create SNS topic

Hit Create new topic button on the newly opened SNS dashboard and input name and display name of your topic.

Create SNS topic
Create SNS topic

Create the topic and click on its ARN in the list of topics. This should display topic details. As you see, the topic currently has no subscriptions – i.e. addresses or phone numbers to send notifications to. You can add a number or an email address by creating new subscription.

Creating new SNS subscription
Creating new SNS subscription

This process is straightforward, as Topic ARN field gets auto-populated, all you need to do is to choose the desired protocol (SMS, email or AWS Lambda function to name a few), enter the endpoint (cell number, email address, etc) and create the subscription. With the subscription and topic in place, lets go back to the IoT dashboard and continue with the rule creation.

Create a role
Create a role

SNS target is now the topic name. Message format field is not required and the only remaining thing to do is to specify the Role name. Click Create a new role  and specify role name – this is all. AWS will automatically add a new role into the Identity and Access Management (IAM) system and grant it a permission to push IoT notifications. With the role in place, Add action and Create  the rule. Notice that a rule can have multiple assigned actions.

Rules are independent of a particular device or certificate. They do not have to be attached to anything. AWS IoT rules engine will continuously monitor the messages and push notifications if the message matches SQL query specified in the rule.


Press the IoT button and receive text message

With all steps now complete, pressing a button sends a text message withing a few seconds. There are three distinct click types: single, double and long. In addition, the button sends voltage, which can be monitored over time. Counting clicks is another interesting project for learning AWS basics.

Final SMS notification
Final SMS notification from the IoT button

Getting started with Amazon IoT button (Part I)

Dash button CLIF
Press to order protein bars…
Amazon IoT button
or to learn AWS IoT

Dash Buttons help you buy stuff on Amazon by simply pressing a button. You can place an order on anything from laundry detergent to soft drinks by pressing one of these. They are essentially free after the first placed order. Amazon recently released the IoT button,  which orders absolutely nothing  and will cost you $20. Why would anyone buy that? Well, because it is easy and fun introduction to the Amazon IoT platform.

It serves as a perfect introduction to the workflow of the AWS IoT – part of the Amazon Web Services that helps connect devices to the cloud. The Internet of Things has two essential aspects to it. The “things” part are physical devices that interact with the user (a button) or the environment (a temperature sensor). The “Internet” part is the software responsible for processing the data and acting on it (placing an order or sending a text message alert). Getting started with the IoT thus requires working both with hardware and software. Designing and building connected devices might be challenging (although extremely interesting as well). The IoT  Button takes care of the hardware part of the equation, and gives you an opportunity to learn the “Internet” side of IoT.

Here is my take on the IoT button workflow – from unpacking to receiving SMS notifications.


Unpacking and AWS set-up

Amazon IoT button
Amazon IoT button packaging

The button comes in a neatly packaged and fully charged. Press it right out-of-the-box, and you will see red flashing light, which means the button has not been set up yet. It has no record of WiFi network SSID and password. There is also no destination to send the data.

First, create the Amazon Web Services Account here. After that you should see AWS console with the multitude of provided services. All we need now is to click AWS IoT icon to go to the AWS IoT homepage.

AWS Console
AWS Console

Create a thing

AWS IoT contains the list of all resources you created, a button to create a them and a link connect AWS IoT button. I found myself confused after following the link and decided to go back. I recommend clicking on the Create a resource.

AWS IoT homepage
AWS IoT homepage – click on Create a Resource

Choose Create a thing from the list of possible options and give it a name (for example, iot-button). It will have no type and no additional attributes so far. Clicking Create will add a thing, which is a virtual representation of some arbitrary physical device. Next, we need to make sure this newly created “thing” in the cloud is associated with the IoT button we have.

IoT Create a thing dialog
IoT Create a thing dialog

Create a certificate and download private key

The communication between the “virtual” thing and the physical button happens via secure MQTT protocol. This security scheme is using a certificate in combination with the public and private keys. All of them can be created in one simple step. Click on Create a resource again and choose Create a certificate. Certificates have to be activated, you can check the Activate box to do it now (or do it as a separate step later). 1-Click certificate button will create the certificate with keys and add them to the list of resources.

Create security certificate
Create and activate the security certificate

Right after creating the certificate you will have the only chance to save public and private key files. It is extremely important to do it. Private key is essential for the IoT button – this is how the button will identify itself and secure the connection to the cloud. Save all three files in a separate folder.

Save key files
Save the certificate and key files

Record the AWS endpoint

Apart from the certificates, the IoT button needs a web-address associated with the AWS cloud. You can get this information by clicking on the icon of the newly created ‘iot-button’ thing. The properties tab contains the REST API endpoint. It typically looks like this: https://xxxxxxxxxxx.iot.us-east-1.amazonaws.com/things/iot-button/shadow  Here, xxxxxxxxxxx is unique identifier of your IoT endpoint, us-east-1 stands for AWS service region. The rest – /things/iot-button/shadow specifies a particular devices. Record the xxxxxxxxxxx and the region (ex. us-east-1) – this information will be necessary for the IoT button set-up.

Device properties with AWS endpoint
Device properties with AWS endpoint

Upload certificates and WiFi set-up

We are finally ready to work with the IoT button itself. In order to enter the set-up mode, press and hold the button for 15 seconds, until the LED turns blinking blue. The device switches into Access Point mode and creates a WiFi network with with SSID Button ConfigureMe – xxx. The password is the last eight digits of the serial number located on the back of the button. Connect to the network and type http://192.168.0.1/index.html in your browser. This opens a simple web-form where we enter the previously collected information and attach key and certificate files.

IoT button set-up
IoT button set-up

Click Configure and the button will attempt to connect to the provided network, obtain IP and send the info to the IoT endpoint while flashing white LED light.

The certificate identifies the device to the IoT cloud back-end. However, it has not been given permission to actually publish any data. At this point, the LED will be flashing red, indicating unsuccessful publish process. Even though the WiFi connection works, we need to create appropriate rules


In the next post – Getting started with Amazon IoT button (Part II) – I will describe how to set up rules to process this information and send SMS and email click notifications.

Mapping the NSF funding data

NSF Funding levels:  funds obligated and estimated max per year (1996 - 2015)The National Science Foundation funds ~ 1/4 of all federally supported basic research, most of it in physical science and math. As a PhD student in physics,  I am supported in part by the NSF grants awarded to my PI and Brandeis University MRSEC. How does current level of  basic research funding compares to historical data? All the funding data by the government agencies like NSF is publicly available, but not easy to digest and analyze. I created a simple web-page that allows one to search NSF funding by PI,  institution or state. It also makes visualizing funding data on the state or city level very easy with interactive maps.

I looked up all NSF funding from 1996 through 2016 and sorted it by city and state. Looks like the amount of NSF funding peaked in 2009 and has been decreasing recently. Also there are two visible spikes in funding levels, in 2002 and 2010. I mapped the funding levels by city using plot.ly interactive maps. Here is one such map for 2015. You can find the rest of them on my plot.ly page.

2015 NSF and NASA Funding ($ Millions) - US Cities
2015 NSF and NASA Funding ($ Millions) – US Cities