DEV Community

Michael Wahl for AWS Community Builders

Posted on • Edited on

IoT Sensor - AWS IoT & SNS with a Raspberry PI

Image description

Problem/Challenge

We have some indoor plants, and I have tried different reminders, but our family always seems to forget to water them. Using the small Raspberry PI with Wi-Fi, and temp and moisture probe allowed me to monitor moisture levels of the soil around the plant. When the level got too low, an email or SMS alert is sent, until the level is back within a normal range.

Solution/Steps

This was a fairly short lab/demo using AWS IoT with a RaspberryPI and Moisture sensor.
Step 1: Create the AWS IoT policy
Create an AWS IoT policy that allows your Raspberry Pi to connect and send messages to AWS IoT.
In the AWS IoT console, if a Get started button appears, choose it. Otherwise, in the navigation pane, expand Secure, and then choose Policies.
If a You don’t have any policies yet dialog box appears, choose to Create a policy. Otherwise, choose to Create.
Enter a name for the AWS IoT policy (for example, MoistureSensorPolicy).
In the Add statements section, replace the existing policy with the following JSON. Replace region and account with your AWS Region and AWS account number.

{
“Version”: “2012–10–17”,
“Statement”: [{
“Effect”: “Allow”,
“Action”: “iot:Connect”,
“Resource”: “arn:aws:iot:region:account:client/RaspberryPi”
},
{
“Effect”: “Allow”,
“Action”: “iot:Publish”,
“Resource”: [
“arn:aws:iot:region:account:topic/$aws/things/RaspberryPi/shadow/update”,
“arn:aws:iot:region:account:topic/$aws/things/RaspberryPi/shadow/delete”,
“arn:aws:iot:region:account:topic/$aws/things/RaspberryPi/shadow/get”
]
},
{
“Effect”: “Allow”,
“Action”: “iot:Receive”,
“Resource”: [
“arn:aws:iot:region:account:topic/$aws/things/RaspberryPi/shadow/update/accepted”,
“arn:aws:iot:region:account:topic/$aws/things/RaspberryPi/shadow/delete/accepted”,
“arn:aws:iot:region:account:topic/$aws/things/RaspberryPi/shadow/get/accepted”,
“arn:aws:iot:region:account:topic/$aws/things/RaspberryPi/shadow/update/rejected”,
“arn:aws:iot:region:account:topic/$aws/things/RaspberryPi/shadow/delete/rejected”
]
},
{
“Effect”: “Allow”,
“Action”: “iot:Subscribe”,
“Resource”: [
“arn:aws:iot:region:account:topicfilter/$aws/things/RaspberryPi/shadow/update/accepted”,
“arn:aws:iot:region:account:topicfilter/$aws/things/RaspberryPi/shadow/delete/accepted”,
“arn:aws:iot:region:account:topicfilter/$aws/things/RaspberryPi/shadow/get/accepted”,
“arn:aws:iot:region:account:topicfilter/$aws/things/RaspberryPi/shadow/update/rejected”,
“arn:aws:iot:region:account:topicfilter/$aws/things/RaspberryPi/shadow/delete/rejected”
]
},
{
“Effect”: “Allow”,
“Action”: [
“iot:GetThingShadow”,
“iot:UpdateThingShadow”,
“iot:DeleteThingShadow”
],
“Resource”: “arn:aws:iot:region:account:thing/RaspberryPi”
}
]
}
Enter fullscreen mode Exit fullscreen mode
  1. Choose to Create. Step 2: Create the AWS IoT thing, certificate, and private key Create a thing in the AWS IoT registry to represent your Raspberry Pi. In the AWS IoT console, in the navigation pane, choose Manage, and then choose Things. If a You don’t have any things yet dialog box is displayed, choose Register a thing. Otherwise, choose to Create. On the Creating AWS IoT things page, choose to Create a single thing. On the Add your device to the device registry page, enter a name for your IoT thing (for example, RaspberryPi), and then choose Next. You can't change the name of a thing after you create it. To change a thing's name, you must create a new thing, give it the new name, and then delete the old thing. On the Add, a certificate for your thing page, choose to Create certificate. Choose the Download links to download the certificate, private key, and root CA certificate. To activate the certificate, choose Activate. The certificate must be active for a device to connect to AWS IoT. Choose to Attach a policy. For Add a policy for your thing, choose MoistureSensorPolicy, and then choose Register Thing. It's critical that you remember to attach a policy and attach a thing to your certificate or you won't be able to connect properly. Step 3: Create an Amazon SNS topic and subscription Create an Amazon SNS topic and subscription. From the AWS SNS console, in the navigation pane, choose Topics, and then choose Create topic. Enter a name for the topic (for example, MoistureSensorTopic). Enter a display name for the topic (for example, Moisture Sensor Topic). This is the name displayed for your topic in the Amazon SNS console. Choose Create topic. On the Amazon SNS topic detail page, choose to Create a subscription. For Protocol, choose Email. For Endpoint, enter your email address. Choose to Create a subscription. Open your email client and look for a message with the subject MoistureSensorTopic. Open the email and click the Confirm subscription link. Step 4: Create an AWS IoT rule to send an email Create an Amazon SNS rule In the AWS IoT console, in the navigation pane, choose Act. If a You don’t have any rules yet dialog box appears, choose to Create a rule. Otherwise, choose to Create. In the Create a rule page, enter a name for your rule (for example, MoistureSensorRule). For Description, provide a short description for this rule (for example, Sends an alert when soil moisture level readings are too low). Under Rule query statement, choose SQL version 2016–03–23, and enter the following AWS IoT SQL query statement:
SELECT * FROM ‘$aws/things/RaspberryPi/shadow/update/accepted’ WHERE state.reported.moisture < 300
Enter fullscreen mode Exit fullscreen mode

Step 5: Setup the Raspberry Pi and Sensor
Setting up your Raspberry Pi and moisture sensor
Green: I2C SCL White: I2C SDA Red: power (3.5 V) Black: ground On Welcome to Raspberry Pi , choose Next . Choose your…
docs.aws.amazon.com

Step 6: Save the file to a place you can find it. Run moistureSensor.py from the command line with the following parameters:
Remember, your actual file names and the path may be a bit different, but the command line itself should look very similar.

python3 moistureSensor.py — endpoint your-endpoint --rootCA ~/certs/AmazonRootCA1.pem --cert ~/certs/raspberrypi-certificate.pem.crt --key ~/certs/raspberrypi-private.pem.key --thingName RaspberryPi --clientId RaspberryPi

Enter fullscreen mode Exit fullscreen mode

Discussion

I discovered later on, the ability to schedule audits on devices, and get results showing whether the device was compliant over time, and with the associated severity of various checks being performed. There was list of many other security device defenders including as I mentioned above the ability to audit >> take actions. The ability to detect alarms based on abnormal activity, and then using pre-built mitigations >> take actions.

Top comments (0)