AWS IoT Greengrass
开发人员指南
AWS 文档中描述的 AWS 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅中国的 AWS 服务入门

AWS CloudFormation 支持 AWS IoT Greengrass

AWS CloudFormation 是一项服务,可帮助您创建、管理和复制您的 AWS 资源。您可以使用 AWS CloudFormation 模板来定义要部署的 AWS IoT Greengrass 组和设备、订阅及其他组件。有关示例,请参阅示例模板

您从模板中生成的资源和基础设施称为堆栈。您可以在一个模板中定义所有资源,也可以引用其他堆栈中的资源。有关 AWS CloudFormation 模板和功能的更多信息,请参阅 AWS CloudFormation 用户指南 中的什么是 AWS CloudFormation?

创建资源

AWS CloudFormation 模板是描述 AWS 资源的属性和关系的 JSON 或 YAML 文档。支持以下 AWS IoT Greengrass 资源:

  • 核心

  • 设备

  • Lambda 函数

  • 连接器

  • 资源(本地、机器学习和密钥)

  • 订阅

  • 日志记录程序(日志记录配置)

在 AWS CloudFormation 模板中,Greengrass 资源的结构和语法基于 AWS IoT Greengrass API。例如,示例模板将一个顶级 DeviceDefinition 与包含单个设备的 DeviceDefinitionVersion 关联。有关更多信息,请参阅 AWS CloudFormation 用户指南 中的 AWS IoT Greengrass 资源类型参考

当您使用 AWS CloudFormation 模板创建 AWS 资源时,我们建议您仅从 AWS CloudFormation 管理这些资源。例如,如果您要添加、更改或删除设备,则应更新您的模板(而不是使用 AWS IoT Greengrass API 或 AWS IoT 控制台)。这允许您使用回滚及其他 AWS CloudFormation 更改管理功能。有关使用 AWS CloudFormation 创建和管理您的资源和堆栈的更多信息,请参阅 AWS CloudFormation 用户指南 中的使用堆栈

有关演示如何在 AWS CloudFormation 模板中创建和部署 AWS IoT Greengrass 资源的分布指南,请参阅“AWS 上的物联网”官方博客上的使用 AWS CloudFormation 实现 AWS IoT Greengrass 设置自动化

部署资源

在创建包含组版本的 AWS CloudFormation 堆栈后,您可以使用 AWS CLI 或 AWS IoT 控制台部署它。

注意

要部署组,您必须具有与您的 AWS 账户关联的 Greengrass 服务角色。该服务角色允许 AWS IoT Greengrass 访问您在 AWS Lambda 和其他 AWS 服务中的资源。如果您已在当前 AWS 区域中部署了 Greengrass 组,则该角色应存在。有关更多信息,请参阅Greengrass 服务角色

部署组 (AWS CLI)
  • 运行 create-deployment 命令。

    aws greengrass create-deployment --group-id GroupId --group-version-id GroupVersionId --deployment-type NewDeployment

    注意

    示例模板中的 CommandToDeployGroup 语句说明如何在创建堆栈时将命令与组和组版本 ID 一起输出。

部署组(控制台)
  1. 在 AWS IoT 控制台中,选择 Greengrass,然后选择 Groups (组)

  2. 选择您的组。

  3. 在组配置页面上,从 Actions (操作) 中选择 Deploy (部署)

    
                突出显示了“Deploy action”(部署操作) 的“Group”(组) 页面的屏幕截图。

    这会将组配置部署到您的 AWS IoT Greengrass Core 设备。有关问题排查帮助,请参阅AWS IoT Greengrass 问题排查

示例模板

以下示例模板创建一个包含核心、设备、功能、日志记录程序、订阅和两种资源的 Greengrass 组。为此,该模板采用 AWS IoT Greengrass API 的对象模型。例如,要添加到组的设备包含在 DeviceDefinitionVersion 资源中,而后者与 DeviceDefinition 资源关联。要将设备添加到组,组版本将引用 DeviceDefinitionVersion 的 ARN。

该模板包含的参数可让您指定核心和设备的证书 ARN 以及源 Lambda 函数(这是一种 AWS Lambda 资源)的版本 ARN。该模板使用 RefGetAtt 内部函数引用创建 Greengrass 资源所需的 ID、ARN 和其他属性。

该模板还定义了两个 AWS IoT 设备(事物),这表示要添加到 Greengrass 组的核心和设备。

在使用您的 Greengrass 资源创建堆栈后,您可以使用 AWS CLI 或 AWS IoT 控制台来部署组

注意

该示例中的 CommandToDeployGroup 语句说明如何输出可用于部署组的完整 create-deployment CLI 命令。

JSONYAML
JSON
{ "AWSTemplateFormatVersion": "2010-09-09", "Description": "AWS IoT Greengrass example template that creates a group version with a core, device, function, logger, subscription, and resources.", "Parameters": { "CoreCertificateArn": { "Type": "String" }, "DeviceCertificateArn": { "Type": "String" }, "LambdaVersionArn": { "Type": "String" } }, "Resources": { "TestCore1": { "Type": "AWS::IoT::Thing", "Properties": { "ThingName": "TestCore1" } }, "TestCoreDefinition": { "Type": "AWS::Greengrass::CoreDefinition", "Properties": { "Name": "DemoTestCoreDefinition" } }, "TestCoreDefinitionVersion": { "Type": "AWS::Greengrass::CoreDefinitionVersion", "Properties": { "CoreDefinitionId": { "Ref": "TestCoreDefinition" }, "Cores": [ { "Id": "TestCore1", "CertificateArn": { "Ref": "CoreCertificateArn" }, "SyncShadow": "false", "ThingArn": { "Fn::Join": [ ":", [ "arn:aws:iot", { "Ref": "AWS::Region" }, { "Ref": "AWS::AccountId" }, "thing/TestCore1" ] ] } } ] } }, "TestDevice1": { "Type": "AWS::IoT::Thing", "Properties": { "ThingName": "TestDevice1" } }, "TestDeviceDefinition": { "Type": "AWS::Greengrass::DeviceDefinition", "Properties": { "Name": "DemoTestDeviceDefinition" } }, "TestDeviceDefinitionVersion": { "Type": "AWS::Greengrass::DeviceDefinitionVersion", "Properties": { "DeviceDefinitionId": { "Fn::GetAtt": [ "TestDeviceDefinition", "Id" ] }, "Devices": [ { "Id": "TestDevice1", "CertificateArn": { "Ref": "DeviceCertificateArn" }, "SyncShadow": "true", "ThingArn": { "Fn::Join": [ ":", [ "arn:aws:iot", { "Ref": "AWS::Region" }, { "Ref": "AWS::AccountId" }, "thing/TestDevice1" ] ] } } ] } }, "TestFunctionDefinition": { "Type": "AWS::Greengrass::FunctionDefinition", "Properties": { "Name": "DemoTestFunctionDefinition" } }, "TestFunctionDefinitionVersion": { "Type": "AWS::Greengrass::FunctionDefinitionVersion", "Properties": { "FunctionDefinitionId": { "Fn::GetAtt": [ "TestFunctionDefinition", "Id" ] }, "DefaultConfig": { "Execution": { "IsolationMode": "GreengrassContainer" } }, "Functions": [ { "Id": "TestLambda1", "FunctionArn": { "Ref": "LambdaVersionArn" }, "FunctionConfiguration": { "Pinned": "true", "Executable": "run.exe", "ExecArgs": "argument1", "MemorySize": "512", "Timeout": "2000", "EncodingType": "binary", "Environment": { "Variables": { "variable1": "value1" }, "ResourceAccessPolicies": [ { "ResourceId": "ResourceId1", "Permission": "ro" }, { "ResourceId": "ResourceId2", "Permission": "rw" } ], "AccessSysfs": "false", "Execution": { "IsolationMode": "GreengrassContainer", "RunAs": { "Uid": "1", "Gid": "10" } } } } } ] } }, "TestLoggerDefinition": { "Type": "AWS::Greengrass::LoggerDefinition", "Properties": { "Name": "DemoTestLoggerDefinition" } }, "TestLoggerDefinitionVersion": { "Type": "AWS::Greengrass::LoggerDefinitionVersion", "Properties": { "LoggerDefinitionId": { "Ref": "TestLoggerDefinition" }, "Loggers": [ { "Id": "TestLogger1", "Type": "AWSCloudWatch", "Component": "GreengrassSystem", "Level": "INFO" } ] } }, "TestResourceDefinition": { "Type": "AWS::Greengrass::ResourceDefinition", "Properties": { "Name": "DemoTestResourceDefinition" } }, "TestResourceDefinitionVersion": { "Type": "AWS::Greengrass::ResourceDefinitionVersion", "Properties": { "ResourceDefinitionId": { "Ref": "TestResourceDefinition" }, "Resources": [ { "Id": "ResourceId1", "Name": "LocalDeviceResource", "ResourceDataContainer": { "LocalDeviceResourceData": { "SourcePath": "/dev/TestSourcePath1", "GroupOwnerSetting": { "AutoAddGroupOwner": "false", "GroupOwner": "TestOwner" } } } }, { "Id": "ResourceId2", "Name": "LocalVolumeResourceData", "ResourceDataContainer": { "LocalVolumeResourceData": { "SourcePath": "/dev/TestSourcePath2", "DestinationPath": "/volumes/TestDestinationPath2", "GroupOwnerSetting": { "AutoAddGroupOwner": "false", "GroupOwner": "TestOwner" } } } } ] } }, "TestSubscriptionDefinition": { "Type": "AWS::Greengrass::SubscriptionDefinition", "Properties": { "Name": "DemoTestSubscriptionDefinition" } }, "TestSubscriptionDefinitionVersion": { "Type": "AWS::Greengrass::SubscriptionDefinitionVersion", "Properties": { "SubscriptionDefinitionId": { "Ref": "TestSubscriptionDefinition" }, "Subscriptions": [ { "Id": "TestSubscription1", "Source": { "Fn::Join": [ ":", [ "arn:aws:iot", { "Ref": "AWS::Region" }, { "Ref": "AWS::AccountId" }, "thing/TestDevice1" ] ] }, "Subject": "TestSubjectUpdated", "Target": { "Ref": "LambdaVersionArn" } } ] } }, "TestGroup": { "Type": "AWS::Greengrass::Group", "Properties": { "Name": "DemoTestGroupNewName", "RoleArn": { "Fn::Join": [ ":", [ "arn:aws:iam:", { "Ref": "AWS::AccountId" }, "role/TestUser" ] ] }, "InitialVersion": { "CoreDefinitionVersionArn": { "Ref": "TestCoreDefinitionVersion" }, "DeviceDefinitionVersionArn": { "Ref": "TestDeviceDefinitionVersion" }, "FunctionDefinitionVersionArn": { "Ref": "TestFunctionDefinitionVersion" }, "SubscriptionDefinitionVersionArn": { "Ref": "TestSubscriptionDefinitionVersion" }, "LoggerDefinitionVersionArn": { "Ref": "TestLoggerDefinitionVersion" }, "ResourceDefinitionVersionArn": { "Ref": "TestResourceDefinitionVersion" } } } } }, "Outputs": { "CommandToDeployGroup": { "Value": { "Fn::Join": [ " ", [ "groupVersion=$(cut -d'/' -f6 <<<", { "Fn::GetAtt": [ "TestGroup", "LatestVersionArn" ] }, ");", "aws --region", { "Ref": "AWS::Region" }, "greengrass create-deployment --group-id", { "Ref": "TestGroup" }, "--deployment-type NewDeployment --group-version-id", "$groupVersion" ] ] } } } }
YAML
AWSTemplateFormatVersion: 2010-09-09 Description: >- AWS IoT Greengrass example template that creates a group version with a core, device, function, logger, subscription, and resources. Parameters: CoreCertificateArn: Type: String DeviceCertificateArn: Type: String LambdaVersionArn: Type: String Resources: TestCore1: Type: 'AWS::IoT::Thing' Properties: ThingName: TestCore1 TestCoreDefinition: Type: 'AWS::Greengrass::CoreDefinition' Properties: Name: DemoTestCoreDefinition TestCoreDefinitionVersion: Type: 'AWS::Greengrass::CoreDefinitionVersion' Properties: CoreDefinitionId: !Ref TestCoreDefinition Cores: - Id: TestCore1 CertificateArn: !Ref CoreCertificateArn SyncShadow: 'false' ThingArn: !Join - ':' - - 'arn:aws:iot' - !Ref 'AWS::Region' - !Ref 'AWS::AccountId' - thing/TestCore1 TestDevice1: Type: 'AWS::IoT::Thing' Properties: ThingName: TestDevice1 TestDeviceDefinition: Type: 'AWS::Greengrass::DeviceDefinition' Properties: Name: DemoTestDeviceDefinition TestDeviceDefinitionVersion: Type: 'AWS::Greengrass::DeviceDefinitionVersion' Properties: DeviceDefinitionId: !GetAtt - TestDeviceDefinition - Id Devices: - Id: TestDevice1 CertificateArn: !Ref DeviceCertificateArn SyncShadow: 'true' ThingArn: !Join - ':' - - 'arn:aws:iot' - !Ref 'AWS::Region' - !Ref 'AWS::AccountId' - thing/TestDevice1 TestFunctionDefinition: Type: 'AWS::Greengrass::FunctionDefinition' Properties: Name: DemoTestFunctionDefinition TestFunctionDefinitionVersion: Type: 'AWS::Greengrass::FunctionDefinitionVersion' Properties: FunctionDefinitionId: !GetAtt - TestFunctionDefinition - Id DefaultConfig: Execution: IsolationMode: GreengrassContainer Functions: - Id: TestLambda1 FunctionArn: !Ref LambdaVersionArn FunctionConfiguration: Pinned: 'true' Executable: run.exe ExecArgs: argument1 MemorySize: '512' Timeout: '2000' EncodingType: binary Environment: Variables: variable1: value1 ResourceAccessPolicies: - ResourceId: ResourceId1 Permission: ro - ResourceId: ResourceId2 Permission: rw AccessSysfs: 'false' Execution: IsolationMode: GreengrassContainer RunAs: Uid: '1' Gid: '10' TestLoggerDefinition: Type: 'AWS::Greengrass::LoggerDefinition' Properties: Name: DemoTestLoggerDefinition TestLoggerDefinitionVersion: Type: 'AWS::Greengrass::LoggerDefinitionVersion' Properties: LoggerDefinitionId: !Ref TestLoggerDefinition Loggers: - Id: TestLogger1 Type: AWSCloudWatch Component: GreengrassSystem Level: INFO TestResourceDefinition: Type: 'AWS::Greengrass::ResourceDefinition' Properties: Name: DemoTestResourceDefinition TestResourceDefinitionVersion: Type: 'AWS::Greengrass::ResourceDefinitionVersion' Properties: ResourceDefinitionId: !Ref TestResourceDefinition Resources: - Id: ResourceId1 Name: LocalDeviceResource ResourceDataContainer: LocalDeviceResourceData: SourcePath: /dev/TestSourcePath1 GroupOwnerSetting: AutoAddGroupOwner: 'false' GroupOwner: TestOwner - Id: ResourceId2 Name: LocalVolumeResourceData ResourceDataContainer: LocalVolumeResourceData: SourcePath: /dev/TestSourcePath2 DestinationPath: /volumes/TestDestinationPath2 GroupOwnerSetting: AutoAddGroupOwner: 'false' GroupOwner: TestOwner TestSubscriptionDefinition: Type: 'AWS::Greengrass::SubscriptionDefinition' Properties: Name: DemoTestSubscriptionDefinition TestSubscriptionDefinitionVersion: Type: 'AWS::Greengrass::SubscriptionDefinitionVersion' Properties: SubscriptionDefinitionId: !Ref TestSubscriptionDefinition Subscriptions: - Id: TestSubscription1 Source: !Join - ':' - - 'arn:aws:iot' - !Ref 'AWS::Region' - !Ref 'AWS::AccountId' - thing/TestDevice1 Subject: TestSubjectUpdated Target: !Ref LambdaVersionArn TestGroup: Type: 'AWS::Greengrass::Group' Properties: Name: DemoTestGroupNewName RoleArn: !Join - ':' - - 'arn:aws:iam:' - !Ref 'AWS::AccountId' - role/TestUser InitialVersion: CoreDefinitionVersionArn: !Ref TestCoreDefinitionVersion DeviceDefinitionVersionArn: !Ref TestDeviceDefinitionVersion FunctionDefinitionVersionArn: !Ref TestFunctionDefinitionVersion SubscriptionDefinitionVersionArn: !Ref TestSubscriptionDefinitionVersion LoggerDefinitionVersionArn: !Ref TestLoggerDefinitionVersion ResourceDefinitionVersionArn: !Ref TestResourceDefinitionVersion Outputs: CommandToDeployGroup: Value: !Join - ' ' - - groupVersion=$(cut -d'/' -f6 <<< - !GetAtt - TestGroup - LatestVersionArn - ); - aws --region - !Ref 'AWS::Region' - greengrass create-deployment --group-id - !Ref TestGroup - '--deployment-type NewDeployment --group-version-id' - $groupVersion

支持的 AWS 区域

目前,您仅可以在以下 AWS 区域中创建和管理 AWS IoT Greengrass 资源:

  • 美国东部(俄亥俄州)

  • 美国东部(弗吉尼亚北部)

  • 美国西部(俄勒冈)

  • 亚太地区(孟买)

  • 亚太区域(首尔)

  • 亚太区域(新加坡)

  • 亚太区域(悉尼)

  • 亚太区域(东京)

  • 中国(北京)

  • 欧洲(法兰克福)

  • 欧洲(爱尔兰)

  • 欧洲 (伦敦)

  • AWS GovCloud(美国西部)