This project provides an automated setup for AWS IoT Fleet Provisioning with Greengrass V2 on STM32MP1/STM32MP2 devices. By using CloudFormation, claim certificates, and an IoT provisioning template, this project enables scalable, secure, and automated provisioning of IoT devices, allowing them to self-register and maintain secure communication through AWS IoT.
- STM32MP135F-DK or STM32MP257F-DK : The device must be set up and accessible over the network.
- AWS Account: Access to an AWS account with permissions to manage IAM, IoT, Greengrass, and CloudFormation stacks.
- AWS CLI: Install and configure the AWS CLI on your local machine.
- Git Bash: Required for Windows users to provide a Unix-like shell compatible with the scripts.
- SSH Access: Ensure SSH access to the STM32MP1/MP2.
-
createFleetProvisioningStack.sh
- Creates the required CloudFormation stack to provision resources in AWS for IoT Greengrass and Fleet Provisioning.
-
updateConfig.sh
- Parses
template.yamland uses AWS CLI to collect and create required fields, automatically populatingconfig.json.
- Parses
-
execute.sh
- Copies necessary files to the STM32MP1/MP2 device and runs
setup.shremotely.
- Copies necessary files to the STM32MP1/MP2 device and runs
-
setup.sh
- Configures AWS IoT Greengrass V2 with Fleet Provisioning, generates a unique device name, installs dependencies, and sets up the Greengrass core device.
-
uninstall.sh
- Stops and removes Greengrass installation and configuration files from the system.
- Must be run on the MPU
-
config.json
- Configuration file for AWS IoT Greengrass and Fleet Provisioning, holding AWS region, claim certificate paths, endpoints, and provisioning details.
-
template.yaml
- CloudFormation template for provisioning Greengrass and Fleet Provisioning resources.
-
deviceCleanup.sh
- Cleans up IoT resources by deleting the IoT Thing, its certificates, and Greengrass core device.
On a PC with AWS CLI installed, clone this repository:
git clone https://github.com/stm32-hotspot/FleetProvisioning
cd FleetProvisioningUse createFleetProvisioningStack.sh to automte the setup of AWS IoT Fleet Provisioning by creating a CloudFormation stack, generating claim certificates, and attaching the necessary IoT policies.
./createFleetProvisioningStack.sh -s <STACK_NAME>Note: AWS CloudFormation Stack template can be modified in
template.yaml
Run updateConfig.sh to parse template.yaml and populate config.json with required AWS endpoint and configuration data:
./updateConfig.sh -g <THING_GROUP_NAME>Replace <THING_GROUP_NAME> with the desired name for your Thing Group. This step automatically updates config.json with:
- AWS Region
- Thing Group Name
- IoT Credential and Data endpoints
- Role Alias and Provisioning Template values from
template.yaml
The execute.sh script will handle file transfer and initiate setup on the board:
./execute.sh -i <Board.IP.ADDRESS>Replace <Board.IP.ADDRESS> with your STM32MP1/MP2 device’s IP. This step:
- Copies all necessary files to the STM32MP1/MP2.
- SSHs into the board and runs
setup.sh.
Note: This is the only script that will need to be ran once for every board.
To confirm your device is set up and registered as a Greengrass core device:
aws greengrassv2 list-core-devices --status HEALTHYTo remove AWS IoT Greengrass from your device, run uninstall.sh on the MPU:
chmod +x uninstall.sh
./uninstall.shNote: to ssh to MPU use the following command:
ssh root@<BOARD.IP.ADDRESS>
If issues arise, consider the following:
- Network Connectivity: Ensure device connectivity to AWS IoT endpoints.
- IAM Permissions: Verify permissions for IoT, Greengrass, and CloudFormation.
- Certificates and Policies: Confirm that the claim certificate and policies are correctly set up.
- Supported Region: Ensure that your AWS Region supports Greengrass V2. A list of supported regions can be found in the AWS Greengrass documentation.
- Viewing Logs: For troubleshooting Greengrass issues on the device, check the Greengrass logs located in
/greengrass/v2/logs/.