Install the Amazon IoT Greengrass Core software (console)
-
Sign in to the Amazon IoT Greengrass console
. -
Under Get started with Greengrass, choose Set up core device.
-
Under Step 1: Register a Greengrass core device, for Core device name, enter the name of the Amazon IoT thing for your Greengrass core device. If the thing doesn't exist, the installer creates it.
-
Under Step 2: Add to a thing group to apply a continuous deployment, for Thing group, choose the Amazon IoT thing group to which you want to add your core device.
-
If you select Enter a new group name, then in Thing group name, enter the name of the new group to create. The installer creates the new group for you.
-
If you select Select an existing group, then in Thing group name, choose the existing group that you want to use.
-
If you select No group, then the installer doesn't add the core device to a thing group.
-
-
Under Step 3: Install the Greengrass Core software, complete the following steps.
- Nucleus classic
-
-
Choose Nucleus classic as your core device's software runtime.
-
Choose your core device's operating system: Linux or Windows.
-
Provide your Amazon credentials to the device so that the installer can provision the Amazon IoT and IAM resources for your core device. To increase security, we recommend that you get temporary credentials for an IAM role that allows only the minimum permissions necessary to provision. For more information, see Minimal IAM policy for installer to provision resources.
Note
The installer doesn't save or store your credentials.
On your device, do one of the following to retrieve credentials and make them available to the Amazon IoT Greengrass Core software installer:
-
(Recommended) Use temporary credentials from Amazon IAM Identity Center
-
Provide the access key ID, secret access key, and session token from the IAM Identity Center. For more information, see Manual credential refresh in Getting and refreshing temporary credentials in the IAM Identity Center user guide.
-
Run the following commands to provide the credentials to the Amazon IoT Greengrass Core software.
Linux or UnixWindows Command Prompt (CMD)PowerShell- Linux or Unix
export AWS_ACCESS_KEY_ID=
AKIAIOSFODNN7EXAMPLE
export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
export AWS_SESSION_TOKEN=AQoDYXdzEJr1K...o5OytwEXAMPLE=
- Windows Command Prompt (CMD)
set AWS_ACCESS_KEY_ID=
AKIAIOSFODNN7EXAMPLE
set AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
set AWS_SESSION_TOKEN=AQoDYXdzEJr1K...o5OytwEXAMPLE=
- PowerShell
$env:AWS_ACCESS_KEY_ID="
AKIAIOSFODNN7EXAMPLE
" $env:AWS_SECRET_ACCESS_KEY="wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
" $env:AWS_SESSION_TOKEN="AQoDYXdzEJr1K...o5OytwEXAMPLE=
"
-
-
Use temporary security credentials from an IAM role:
-
Provide the access key ID, secret access key, and session token from an IAM role that you assume. For more information about how to retrieve these credentials, see Requesting temporary security credentials in the IAM User Guide.
-
Run the following commands to provide the credentials to the Amazon IoT Greengrass Core software.
Linux or UnixWindows Command Prompt (CMD)PowerShell- Linux or Unix
export AWS_ACCESS_KEY_ID=
AKIAIOSFODNN7EXAMPLE
export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
export AWS_SESSION_TOKEN=AQoDYXdzEJr1K...o5OytwEXAMPLE=
- Windows Command Prompt (CMD)
set AWS_ACCESS_KEY_ID=
AKIAIOSFODNN7EXAMPLE
set AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
set AWS_SESSION_TOKEN=AQoDYXdzEJr1K...o5OytwEXAMPLE=
- PowerShell
$env:AWS_ACCESS_KEY_ID="
AKIAIOSFODNN7EXAMPLE
" $env:AWS_SECRET_ACCESS_KEY="wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
" $env:AWS_SESSION_TOKEN="AQoDYXdzEJr1K...o5OytwEXAMPLE=
"
-
-
Use long-term credentials from an IAM user:
-
Provide the access key ID and secret access key for your IAM user. You can create an IAM user for provisioning that you later delete. For the IAM policy to give the user, see Minimal IAM policy for installer to provision resources. For more information about how to retrieve long-term credentials, see Managing access keys for IAM users in the IAM User Guide.
-
Run the following commands to provide the credentials to the Amazon IoT Greengrass Core software.
Linux or UnixWindows Command Prompt (CMD)PowerShell- Linux or Unix
export AWS_ACCESS_KEY_ID=
AKIAIOSFODNN7EXAMPLE
export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
- Windows Command Prompt (CMD)
set AWS_ACCESS_KEY_ID=
AKIAIOSFODNN7EXAMPLE
set AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
- PowerShell
$env:AWS_ACCESS_KEY_ID="
AKIAIOSFODNN7EXAMPLE
" $env:AWS_SECRET_ACCESS_KEY="wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
"
-
(Optional) If you created an IAM user to provision your Greengrass device, delete the user.
-
(Optional) If you used the access key ID and secret access key from an existing IAM user, update the keys for the user so that they are no longer valid. For more information, see Updating access keys in the Amazon Identity and Access Management user guide.
-
-
-
Under Run the installer, complete the following steps.
-
Under Download the installer, choose Copy and run the copied command on your core device. This command downloads the latest version of the Amazon IoT Greengrass Core software and unzips it on your device.
-
Under Run the installer, choose Copy, and run the copied command on your core device. This command uses the Amazon IoT thing and thing group names that you specified earlier to run the Amazon IoT Greengrass Core software installer and set up Amazon resources for your core device.
This command also does the following:
-
Set up the Amazon IoT Greengrass Core software as a system service that runs at boot. On Linux devices, this requires the Systemd
init system. Important
On Windows core devices, you must set up the Amazon IoT Greengrass Core software as a system service.
-
Deploy the Amazon IoT Greengrass CLI component, which is a command-line tool that enables you to develop custom Greengrass components on the core device.
-
Specify to use the
ggc_user
system user to run software components on the core device. On Linux devices, this command also specifies to use theggc_group
system group, and the installer creates the system user and group for you.
When you run this command, you should see the following messages to indicate that the installer succeeded.
Successfully configured Nucleus with provisioned resource details! Configured Nucleus to deploy aws.greengrass.Cli component Successfully set up Nucleus as a system service
Note
If you have a Linux device and it doesn't have systemd
, the installer won't set up the software as a system service, and you won't see the success message for setting up the nucleus as a system service. -
-
-
- Nucleus lite
-
-
Choose Nucleus lite as your core device's software runtime.
-
Select your device set up method to provision your device to a Greengrass core device.
Option 1: Set up a device with package download (approximately 1MB)
-
Create an Amazon IoT thing and the role for Greengrass.
-
Download the zip file that contains Amazon IoT resources that your device needs to connect to Amazon IoT:
-
A certificate and private key generated using Amazon IoT's certificate authority.
-
A schema file to initiate Greengrass installation for your device.
-
-
Download the package that will install the latest Greengrass Nucleus lite runtime to your Raspberry Pi.
-
Provision your device to become an Amazon IoT Greengrass Core device and connect it to Amazon IoT:
-
a. Transfer the Greengrass package and connection kit to your device using a USB thumb drive, SCP/FTP, or SD cards.
-
b. Unzip the greengrass-package.zip file in the /GreengrassInstaller directory on the device.
-
c. Unzip the connection kit zip file in the /directory on the device.
-
d. Run the provided command on the device to install Amazon IoT Greengrass
-
-
Then, choose View core devices.
Option 2: Set up a device with a pre-configured whole disk sample image download (approximately 100MB)
-
Create an Amazon IoT thing and the role for Greengrass.
-
Download the zip file that contains Amazon IoT resources that your device needs to connect to Amazon IoT:
-
A certificate and private key generated using Amazon IoT's certificate authority.
-
A schema file to initiate Greengrass installation for your device.
-
-
Download the pre-configured whole disk sample image that contains Greengrass and the operating system.
-
To transfer the connection kit and flash the image onto your device, follow the readme file downloaded with the image.
-
To start Greengrass installation, turn on and boot the device from the flashed image
-
-
Then, choose View core devices.
Option 3: Set up a device with your own custom build
-
Create an Amazon IoT thing and the role for Greengrass.
-
Download the zip file that contains Amazon IoT resources that your device needs to connect to Amazon IoT:
-
A certificate and private key generated using Amazon IoT's certificate authority.
-
A schema file to initiate Greengrass installation for your device.
-
-
To customize and build your own image using Yocto from source code, and then use the connection kit to install nucleus lite, follow the instructions on GitHub.
-
Then, choose View core devices.
-
-