Hardware components | ||||||
 |
| × | 1 | |||
Software apps and online services | ||||||
 |
| |||||
 |
| |||||
 |
| |||||
 |
| |||||
 |
| |||||
 |
| |||||
A network of devices will be implemented that manage the reception and user attention that allows scanning a QR code to redirect it to an ecommerce from there, the receipt of a new order will be notified, which will be attended and once the order is ready, a notification to the device indicating that you can now pick up your order.
Aws user configurationAs a first measure we require an AWS account and later generate a new user and assign a policy that for this example will be the AdministratorAccess which grants the necessary permissions for this example, this practice is strongly not recommended in any case and manage the policies under the least privilege resource to avoid attacks or security vulnerabilities, for more information visit the following link Security best practices in IAM - AWS Identity and Access Management (amazon.com).
For the construction of our project we require the following tools
Install nvs in Windows
https://github.com/jasongin/nvs/releases/download/v1.6.0/nvs-1.6.0.msi
Install Ubuntu in Windows
Install NodeJs
Once NodeJs is installed we will create a folder that will contain our infrastructure implemented as code for this we will install the Serverless framework with the following command:
npm install -g serverless
Next, we proceed to configure the access credentials to Aws using the following command:
serverless config credentials –provider aws –key {value} –secret {value}
Then we proceed to implement a template in python to manage the upload of our build compilation folder of our ecommerce project to an S3 bucket in a public way
serverless create –template aws-python3
The ecommerce project can be found at the following link https://github.com/MiyyerGaitan/ProjectEcommerce once the repository is cloned we run the following commands:
npm install
To deploy the environment locally
npm run serve
To compile and generate the dist folder
npm run build
We add our files from the build folder to a new folder called frontend at the root of our serverless project, then we install a plugin that will help us upload our compilation from code to an S3 bucket with the following command:
npm install --save serverless-finch
Once installed we need to modify the serverless.yml file with the parameters bucketname which is a unique identifier for our bucket, distributionFolder the path from where the files will be loaded and an error configuration file that in our case will redirect to index.html.
Once the parameters have been set, with the following command we deploy to AWS in the development stage in a specific region and whose response will return the url where our ecommerce is loaded publicly.
serverless deploy –stage dev --region your-region
As shown, our server does not have the HTTPS protocol implemented, so with the help of AWS Cloudfront we will provision the SSL certificate to our ecommerce, we go to our console and look for the service and we will create a new distribution, the origin domain parameter we write the url of our website and we also select Redirect HTTP to HTTPS in the viewer section, we leave the other parameters as they are and click on create distribution, once the distribution is created we select edit.
And we modify the Default root object parameter to always redirect our traffic to the HTTPS channel even using the root (/) resource instead of a specific object.
In this way, our ecommerce was provisioned with the HTTPS security layer through an SSL certificate from AWS Cloudfront.
Now we proceed to configure our web page that will be able to communicate with the AWS Iot Core and be able to interact with the connected devices that will receive the orders and will be able to send notifications directly to the devices located on the restaurant tables with the purpose of alerting the customer to come to claim your order.
For our administrator project, the following repository will be cloned https://github.com/MiyyerGaitan/ProjectAdministrator.git and replicating the previous steps will create an S3 bucket that has public access to our restaurant administrator website, in the same way the SSL certificate that is a mandatory requirement to be able to link our web portal to an action in the AWS Iot Core console.
Once the previous steps have been replicated, we proceed to configure an endpoint to which an authentication token will arrive to guarantee that the data is sent to an endpoint of our property, Aws Iot Core Rules Engine issues a challenge message to the specified end with a token. Once the token has been obtained, it must be enabled, which case for this example will be done through the Aws Iot Core console, actions> destinations> Confirm and enable, but the ideal is to automate this process so that it is much more practical in a more professional use case. see the following link for more information Route data directly from IoT Core to your web services | The Internet of Things on AWS – Official Blog (amazon.com)
We proceed to develop a Lambda function that allows to serve the Post request sent by Rules Engine and thus be able to retrieve the verification token, for this we are going to modify the serverless.yml file of our administrator project and create a function called get-token-aws- iot.py located in a backend folder.
With the modified code we proceed to run the deploy serveless command to upload the changes to AWS and as a response it will give us the Url to access the resource through Aws Api Gateway and which will execute the Lambda function that will print the token that can be obtained later from Aws Cloudwatch.
Once the resource that will serve the Post request has been created, the action is generated from the Aws Iot Core console in the Act > Destination > Create an HTTP target section and we write the url of our previously created resource. Now we will go through the Aws Cloudwatch logs to retrieve the token as shown below:
Once the previous process has been carried out, it is possible to publish and subscribe to the MQTT topics of our device.
Aws Iot Core 2 device configurationIn the first instance we need to install VsCode and Platformio once installed we create a new project and select the following parameters:
Once the project is created, a folder called components is created in the root of the project and the following three folders are copied
https://github.com/m5stack/Core2-for-AWS-IoT-EduKit/tree/master/Blinky-Hello-World/components
Containing the SDK and libraries for our Aws Iot Core 2 as well as other configuration files as shown in the Api-reference provided in the Aws documentation Core2 for AWS IoT EduKit BSP: Overview (workshop.aws)
Once the aforementioned is done, we add the following code to the main.c file, and we add the additional configuration files and their corresponding .hs in the includes folder (blink.c, wifi.c, power.c, home.c) that are found in the following repository https://github.com/MiyyerGaitan/Hackster-Edukit-Aws-Project
For this project it is required that our device shows a qr code on its screen that allows the user to redirect it to the ecommerce of our restaurant and for this purpose we will use an online qr code generator as shown below:
Bear in mind that the image cannot exceed 320x240 px, which are the dimensions of our lcd screen, once the qr code has been generated, the image is converted into a format suitable for our device at the following link https: // lvgl. io / tools / imageconverter there will generate an array of bits which will be added in the project.
In the main.c file our aws iot core endpoint is added and the topic to which our device is going to subscribe.
You must also change the Wi-Fi connection settings in the wifi.c file.
For our device to connect to Aws Iot Core, digital certificates and a valid policy are required for this purpose, we have a Python script for this purpose and it is available at the following link https://github.com/m5stack/Core2-for-AWS-IoT-EduKit/blob/master/Blinky-Hello-World/utilities/AWS_IoT_registration_helper/registration_helper.py
For this purpose we will use Ubuntu WSL previously installed, once it is our console we will proceed to install a virtual python environment and execute it as follows:
pip3 install virtualenv
python3 -m venv mypython
cd myphyton/bin
source activate
Once the virtual environment is installed and activated, we will go to the path where our project is located in the utilities folder and locate the python script registration_helper.py
cd
cd /mnt/c
cd Edukit/Core2-for-AWS-IoT-Edukit/Blinky-Hello-World/utilities\AWS_IoT_registration_helper\registration_helper.py
Example from the Ubuntu console with the virtual environment activated, it is recommended for simplicity of use, always work from files that are in the root of the local disk C
Modify line 67 of the registration_helper.py file as follows
In addition, lines 65,112,263,282 of the file must be replaced utilities\trustplatform\TrustnGO\Microchip_manifest_handler.py
In addition, lines 85 of the file must be replaced utilities\trustplatform\TrustnGO\Microchip_manifest_handler.py
We connect our hardware and identify the assigned COM port
To run the script we need to assign administrator permissions to the port and run the script with the following commands:
sudo chmod 666 /dev/ttyS5
python3 registration_helper.py -p /dev/ttyS5
Once the above is done, it can be validated that the device has been registered and has been assigned a policy and permissions to be able to interact with Aws Iot Core
Finally, the code is loaded to the device which will be listening to the publications on the topic table1 which from the front administrator, when pressing the Table 1 button, the notification will be sent and the device will begin to vibrate and illuminate the led bar in green color warning that the order this list.
Conclusions- Great advantages are identified in the use of Aws Iot Core 2 hardware, which has many quite useful peripherals, which allow prototyping and developing a fully functional and commercial product, with great security features by having ATECC608 secure element which guarantees a robust layer security and that is very important in the development of Iot technologies.
Comments