Creating an Amazon IoT rule
You configure rules to route data from your connected things. Rules consist of the following:
- Rule name
-
The name of the rule.
Note
We do not recommend the use of personally identifiable information in your rule names.
- Optional description
-
A textual description of the rule.
Note
We do not recommend the use of personally identifiable information in your rule descriptions.
- SQL statement
-
A simplified SQL syntax to filter messages received on an MQTT topic and push the data elsewhere. For more information, see Amazon IoT SQL reference.
- SQL version
-
The version of the SQL rules engine to use when evaluating the rule. Although this property is optional, we strongly recommend that you specify the SQL version. The Amazon IoT Core console sets this property to
2016-03-23by default. If this property is not set, such as in an Amazon CLI command or an Amazon CloudFormation template,2015-10-08is used. For more information, see SQL versions. - One or more actions
-
The actions Amazon IoT performs when enacting the rule. For example, you can insert data into a DynamoDB table, write data to an Amazon S3 bucket, publish to an Amazon SNS topic, or invoke a Lambda function.
- An error action
-
The action Amazon IoT performs when it's unable to perform a rule's action.
When you create a rule, be aware of how much data you're publishing on topics. If you create rules that include a wildcard topic pattern, they might match a large percentage of your messages. If this is the case, you might need to increase the capacity of the Amazon resources used by the target actions. Also, if you create a republish rule that includes a wildcard topic pattern, you can end up with a circular rule that causes an infinite loop.
Note
Creating and updating rules are administrator-level actions. Any user who has permission to create or update rules is able to access data processed by the rules.
To create a rule (Amazon CLI)
Use the create-topic-rule command to create a rule:
aws iot create-topic-rule --rule-namemyrule--topic-rule-payload file://myrule.json
The following is an example payload file with a rule that inserts all messages sent to
the iot/test topic into the specified DynamoDB table. The SQL statement
filters the messages and the role ARN grants Amazon IoT permission to write to the DynamoDB
table.
{ "sql": "SELECT * FROM 'iot/test'", "ruleDisabled": false, "awsIotSqlVersion": "2016-03-23", "actions": [{ "dynamoDB": { "tableName": "my-dynamodb-table", "roleArn": "arn:aws:iam::123456789012:role/my-iot-role", "hashKeyField": "topic", "hashKeyValue": "${topic(2)}", "rangeKeyField": "timestamp", "rangeKeyValue": "${timestamp()}" } }] }
The following is an example payload file with a rule that inserts all messages sent to
the iot/test topic into the specified S3 bucket. The SQL statement filters
the messages, and the role ARN grants Amazon IoT permission to write to the Amazon S3
bucket.
{ "awsIotSqlVersion": "2016-03-23", "sql": "SELECT * FROM 'iot/test'", "ruleDisabled": false, "actions": [ { "s3": { "roleArn": "arn:aws:iam::123456789012:role/aws_iot_s3", "bucketName": "my-bucket", "key": "myS3Key" } } ] }
The following is an example payload file with a rule that pushes data to Amazon OpenSearch Service:
{ "sql":"SELECT *, timestamp() as timestamp FROM 'iot/test'", "ruleDisabled":false, "awsIotSqlVersion": "2016-03-23", "actions":[ { "OpenSearch":{ "roleArn":"arn:aws:iam::123456789012:role/aws_iot_es", "endpoint":"https://my-endpoint", "index":"my-index", "type":"my-type", "id":"${newuuid()}" } } ] }
The following is an example payload file with a rule that invokes a Lambda function:
{ "sql": "expression", "ruleDisabled": false, "awsIotSqlVersion": "2016-03-23", "actions": [{ "lambda": { "functionArn": "arn:aws:lambda:us-west-2:123456789012:function:my-lambda-function" } }] }
The following is an example payload file with a rule that publishes to an Amazon SNS topic:
{ "sql": "expression", "ruleDisabled": false, "awsIotSqlVersion": "2016-03-23", "actions": [{ "sns": { "targetArn": "arn:aws:sns:us-west-2:123456789012:my-sns-topic", "roleArn": "arn:aws:iam::123456789012:role/my-iot-role" } }] }
The following is an example payload file with a rule that republishes on a different MQTT topic:
{ "sql": "expression", "ruleDisabled": false, "awsIotSqlVersion": "2016-03-23", "actions": [{ "republish": { "topic": "my-mqtt-topic", "roleArn": "arn:aws:iam::123456789012:role/my-iot-role" } }] }
The following is an example payload file with a rule that pushes data to an Amazon Kinesis Data Firehose stream:
{ "sql": "SELECT * FROM 'my-topic'", "ruleDisabled": false, "awsIotSqlVersion": "2016-03-23", "actions": [{ "firehose": { "roleArn": ""arn:aws:iam::123456789012:role/my-iot-role", "deliveryStreamName": "my-stream-name" } }] }
The following is an example payload file with a rule that uses the Amazon SageMaker
machinelearning_predict function to republish to a topic if the data in
the MQTT payload is classified as a 1.
{ "sql": "SELECT * FROM 'iot/test' where machinelearning_predict('my-model', 'arn:aws:iam::123456789012:role/my-iot-aml-role', *).predictedLabel=1", "ruleDisabled": false, "awsIotSqlVersion": "2016-03-23", "actions": [{ "republish": { "roleArn": "arn:aws:iam::123456789012:role/my-iot-role", "topic": "my-mqtt-topic" } }] }
The following is an example payload file with a rule that publishes messages to a Salesforce IoT Cloud input stream.
{ "sql": "expression", "ruleDisabled": false, "awsIotSqlVersion": "2016-03-23", "actions": [{ "salesforce": { "token": "ABCDEFGHI123456789abcdefghi123456789", "url": "https://ingestion-cluster-id.my-env.sfdcnow.com/streams/stream-id/connection-id/my-event" } }] }
The following is an example payload file with a rule that starts an execution of a Step Functions state machine.
{ "sql": "expression", "ruleDisabled": false, "awsIotSqlVersion": "2016-03-23", "actions": [{ "stepFunctions": { "stateMachineName": "myCoolStateMachine", "executionNamePrefix": "coolRunning", "roleArn": "arn:aws:iam::123456789012:role/my-iot-role" } }] }