AWS Announces a New Version of AWS Iot Greengrass

Recently, AWS announced a new version of its IoT Greengrass edge runtime and cloud service during the annual re:Invent. The latest version 2.0 comes with pre-built software components, local software development tools, and new features for managing software on large fleet devices.

The new version of IoT Greengrass comes three years after its version 1.0 release in 2017. AWS designed the service to help customers quickly and easily build intelligent device software as it enables local processing, messaging, data management, ML inference, and pre-built components to accelerate application development. Furthermore, it provides a secure way to seamlessly connect edge devices to any AWS service, as well as to third-party services.

#amazon web services #aws #iot #aws iot greengrass

What is GEEK

Buddha Community

Best Custom Web & Mobile App Development Company

Everything around us has become smart, like smart infrastructures, smart cities, autonomous vehicles, to name a few. The innovation of smart devices makes it possible to achieve these heights in science and technology. But, data is vulnerable, there is a risk of attack by cybercriminals. To get started, let’s know about IoT devices.

What are IoT devices?

The Internet Of Things(IoT) is a system that interrelates computer devices like sensors, software, and actuators, digital machines, etc. They are linked together with particular objects that work through the internet and transfer data over devices without humans interference.

Famous examples are Amazon Alexa, Apple SIRI, Interconnected baby monitors, video doorbells, and smart thermostats.

How could your IoT devices be vulnerable?

When technologies grow and evolve, risks are also on the high stakes. Ransomware attacks are on the continuous increase; securing data has become the top priority.

When you think your smart home won’t fudge a thing against cybercriminals, you should also know that they are vulnerable. When cybercriminals access our smart voice speakers like Amazon Alexa or Apple Siri, it becomes easy for them to steal your data.

Cybersecurity report 2020 says popular hacking forums expose 770 million email addresses and 21 million unique passwords, 620 million accounts have been compromised from 16 hacked websites.

The attacks are likely to increase every year. To help you secure your data of IoT devices, here are some best tips you can implement.

Tips to secure your IoT devices

1. Change Default Router Name

Your router has the default name of make and model. When we stick with the manufacturer name, attackers can quickly identify our make and model. So give the router name different from your addresses, without giving away personal information.

2. Know your connected network and connected devices

If your devices are connected to the internet, these connections are vulnerable to cyber attacks when your devices don’t have the proper security. Almost every web interface is equipped with multiple devices, so it’s hard to track the device. But, it’s crucial to stay aware of them.

3. Change default usernames and passwords

When we use the default usernames and passwords, it is attackable. Because the cybercriminals possibly know the default passwords come with IoT devices. So use strong passwords to access our IoT devices.

4. Manage strong, Unique passwords for your IoT devices and accounts

Use strong or unique passwords that are easily assumed, such as ‘123456’ or ‘password1234’ to protect your accounts. Give strong and complex passwords formed by combinations of alphabets, numeric, and not easily bypassed symbols.

Also, change passwords for multiple accounts and change them regularly to avoid attacks. We can also set several attempts to wrong passwords to set locking the account to safeguard from the hackers.

5. Do not use Public WI-FI Networks

Are you try to keep an eye on your IoT devices through your mobile devices in different locations. I recommend you not to use the public WI-FI network to access them. Because they are easily accessible through for everyone, you are still in a hurry to access, use VPN that gives them protection against cyber-attacks, giving them privacy and security features, for example, using Express VPN.

6. Establish firewalls to discover the vulnerabilities

There are software and firewalls like intrusion detection system/intrusion prevention system in the market. This will be useful to screen and analyze the wire traffic of a network. You can identify the security weakness by the firewall scanners within the network structure. Use these firewalls to get rid of unwanted security issues and vulnerabilities.

7. Reconfigure your device settings

Every smart device comes with the insecure default settings, and sometimes we are not able to change these default settings configurations. These conditions need to be assessed and need to reconfigure the default settings.

8. Authenticate the IoT applications

Nowadays, every smart app offers authentication to secure the accounts. There are many types of authentication methods like single-factor authentication, two-step authentication, and multi-factor authentication. Use any one of these to send a one time password (OTP) to verify the user who logs in the smart device to keep our accounts from falling into the wrong hands.

9. Update the device software up to date

Every smart device manufacturer releases updates to fix bugs in their software. These security patches help us to improve our protection of the device. Also, update the software on the smartphone, which we are used to monitoring the IoT devices to avoid vulnerabilities.

10. Track the smartphones and keep them safe

When we connect the smart home to the smartphone and control them via smartphone, you need to keep them safe. If you miss the phone almost, every personal information is at risk to the cybercriminals. But sometimes it happens by accident, makes sure that you can clear all the data remotely.

However, securing smart devices is essential in the world of data. There are still cybercriminals bypassing the securities. So make sure to do the safety measures to avoid our accounts falling out into the wrong hands. I hope these steps will help you all to secure your IoT devices.

If you have any, feel free to share them in the comments! I’d love to know them.

Are you looking for more? Subscribe to weekly newsletters that can help your stay updated IoT application developments.

#iot #enterprise iot security #how iot can be used to enhance security #how to improve iot security #how to protect iot devices from hackers #how to secure iot devices #iot security #iot security devices #iot security offerings #iot security technologies iot security plus #iot vulnerable devices #risk based iot security program

AWS Announces a New Version of AWS Iot Greengrass

Recently, AWS announced a new version of its IoT Greengrass edge runtime and cloud service during the annual re:Invent. The latest version 2.0 comes with pre-built software components, local software development tools, and new features for managing software on large fleet devices.

The new version of IoT Greengrass comes three years after its version 1.0 release in 2017. AWS designed the service to help customers quickly and easily build intelligent device software as it enables local processing, messaging, data management, ML inference, and pre-built components to accelerate application development. Furthermore, it provides a secure way to seamlessly connect edge devices to any AWS service, as well as to third-party services.

#amazon web services #aws #iot #aws iot greengrass

【小ネタ】[AWS IoT Greengrass] クイックスタートを使用して、コマンド３行でセットアップする（RaspberryPi） | Developers.IO

1 はじめに

CX事業本部の平内（SIN）です。

AWS IoT Greengrass（以下、Greengrass）では、グループ及び、デバイスの設定を簡単に行うことができるように、クイックスタートが用意されています。

クイックスタート: Greengrass デバイスのセットアップ

今回は、上記の内容そのままなのですが、本当に初めて利用する場合などに、最低限準備するべき事項（手順）などを纏めてみました。利用したデバイスは、RaspbrerryPi Mode4です。

2 準備

最低限、準備するべき事項は、以下のとおりです。

• RespberryPiの準備
• 認証情報の準備
• リージョン決定
• グループ名の決定

(1) RespberryPiの準備

サポートされているプラットフォームは、2020/06/01現在、Armv7lでは、Raspbian Buster、2019-07-10となっています。他のディストリビューションでも動作可能のようですが、正式にサポートされているディストリビューションの利用が推奨されています。

サポートされているプラットフォームと要件

OSをインストールし、ネットワーク環境をセットアップします。

$ cat /proc/cpuinfo  | grep Revision
Revision    : c03112

$ uname -a
Linux raspberrypi 4.19.57-v7l+ #1244 SMP Thu Jul 4 18:48:07 BST 2019 armv7l GNU/Linux

(2) 認証情報

アクセスキー及びシークレットアクセスキーを準備します。Greengrassの設定や、Lambdaの構築の権限が必要です。 一時的セキュリティ認証情報を利用する場合は、アクセスキー、シークレットアクセスキー、及びセッショントークンの３つになります。 なお、セッショントークンは、パラータ　–aws-session-tokenで指定します。

(3) リージョン

Greengrassを構築するリージョンは、デフォルトでus-west-2となります。何処のリージョンで構築するかを決定します。

例）ap-northeast-1

(4) グループ名決定

グループ名を決定します。GreenGrassのグループ名は、設定するリージョンで一意である必要があります。指定しないと、デフォルト値のGreengrassDeviceSetup_Group_guidとなります。

例）My_GG_Group

3 ３行セットアップ

セットアップは、以下の3ステップです。パラメータを以下のように設定すれば、特に設定を求められることもありません。

• スクリプトをダウンロードして起動
• 再起動
• スクリプトの再起動

$ wget -q -O ./gg-device-setup-latest.sh https://d1onfpft10uf5o.cloudfront.net/greengrass-device-setup/downloads/gg-device-setup-latest.sh \
&& chmod +x ./gg-device-setup-latest.sh \
&& sudo -E ./gg-device-setup-latest.sh bootstrap-greengrass \
--aws-access-key-id XXXXX \
--aws-secret-access-key XXXXX \
--region ap-northeast-1 \
--group-name My_GG_Group \
--hello-world-lambda \
--verbose

$ sudo reboot

$ sudo -E ./gg-device-setup-latest.sh bootstrap-greengrass \
--aws-access-key-id XXXXX \
--aws-secret-access-key XXXXX

途中、新規インストールを開始するかのプロンプトには、yesを入力します。

#aws #greengrass #iot #aws-iot

AWS Serverless design for IoT

This IoT walk-through lab will show you how to send IoT data from your ESP8266 or ESP32 device, through AWS API Gateway, to Lambda, to a data lake in S3, and finally design a static web page for IoT data visualization.

You may be asking, “why would you want to deploy a HTTP API when AWS has a well functioning MQTT broker on AWS IoT Core?” Well, there are a few good reasons that we may want to send our IoT data through AWS API Gateway directly rather than through AWS IoT Core.

As an example, I had a student who was using a SIM7000A cellular modem for his ESP32. The hardware abstraction layer on his device was poorly integrated so MQTT(s) wouldn’t work, but HTTP worked well on his device. For this reason a AWS serverless design flow, utilizing the HTTP protocol instead of MQTT, can make sense. Some other possible reasons for using HTTP rather than MQTT are:

1. Your embedded device may not be capable of MQTT(s).
2. You may want to utilize REST instead of MQTT(s), and don’t mind losing the key advantage of sending IoT data through AWS IoT Core (lightweight duplex communication).
3. You may simply want to take advantage of the built-in features of API Gateway such as caching, throttling, velocity templates, payload modeling, and payload transformations.

After having said all this, 90% of my course curriculum on Udemy still goes through AWS IoT Core. However, it is important to understand how to handle these exceptions. In an effort to explore these interesting IoT scenarios I have designed this tutorial and walk-through IoT lab on AWS to better help you understand this serverless IoT implementation on AWS. It is important to note that the ESP32 has better built in security than the ESP8266, so the Arduino sketches at the end of the tutorial will reflect these differences.

It is also worth noting that charges for the AWS services used in this tutorial are free, or minuscule as a serverless design without a lot of compute usage. S3, Lambda, and API Gateway are all extremely inexpensive for prototyping and testing for non-commercial loads. It’s unlikely the following lab will cost you more than a few cents even if you are no longer on the “AWS free tier.”

Prerequisites for the tutorial

• An AWS free tier or normal AWS account
• Ability to navigate between AWS services
• An ESP8266 or ESP32 development board
• The free Arduino IDE with the device libraries and board manager for your ESP 8266 or ESP32 device

How it works - Serverless IoT

Deploy the Serverless IoT infrastructure

When teaching AWS Serverless for IoT I often find myself working backwards in order to have AWS serverless design flows make the most sense.

• You will create a S3 bucket as the final repository of your IoT Data.
• You will create a Lambda function to send your IoT data from API Gateway to S3.
• You will configure API Gateway to handle incoming data from our Arduino sketch.
• You will create an API Key to secure your deployed URL created in API Gateway.
• You will copy the provided Arduino sketch for your ESP8266 or ESP32 and provide your own API Gateway URL.
• You will change the permissions on your IoT data bucket and web page bucket from private to public.
• You will copy the provided ‘index.html’ file to visualize your IoT data on a static web host held in a second S3 bucket.

Create a S3 bucket to hold your IoT Data

Create a new S3 bucket in the region of your choice. Choose a globally unique name for your bucket and make sure to keep the region consistent between AWS services.

✅ Step-by-step Instructions for S3

1. Navigate to the AWS S3 console

2. Create a new S3 Bucket in the same region you decide to use consistently throughout this lab. Name your bucket something globally unique (this AWS requirement is so every bucket has its own static URL)

3. You don’t need to set ACL’s, Bucket policy’s or CORS at this time, so just select “Create”.

4. Finally create and save a folder/partition within your newly created S3 bucket. Name the folder whatever you like.

We are now ready to move on the to creating a lambda function to enhance our IoT data and dispatch it to our newly created S3 bucket.

Create your Lambda function in Node.js

Lambda programmed in Node.js will be used to format, enrich, and dispatch our incoming JSON payload, sent through API Gateway, to our S3 bucket to hold our IoT sensor data readings

✅ Step-by-step Instructions for Lambda

1. Navigate to the Lambda console and create a new Lambda function (“Author from scratch”) in the AWS Region of your S3 bucket.

2.Choose the latest runtime of Node.js .

3. Chose a new basic execution Role

4. press button to create your lambda function

5. Paste the Node.js code listed below into your lambda function console. Make sure to add your own bucket name and folder name that you created in the previous section where indicated in the lambda code. Uncomment the (event) line of code but keep the (event.queryStringParameters) line of the code commented out for now. We will want to see the entire test payload “event” (object) at this point in the lab. Later, when we utilize our device, we will limit the incoming IoT payload to just the query string parameters.

After pasting in the code listed below, save your lambda function.

#aws-iot-tutorial #aws-lambda #aws-s3 #aws-api-gateway #aws-iot #arduino #esp32 #esp8266

Announcing AWS IoT Greengrass 2.0

I am happy to announce AWS IoT Greengrass 2.0, a new version of AWS IoT Greengrass that makes it easy for device builders to build, deploy, and manage intelligent device software. AWS IoT Greengrass 2.0 provides an open source edge runtime, a rich set of pre-built software components, tools for local software development, and new features for managing software on large fleets of devices.

AWS IoT Greengrass 2.0 edge runtime is now open source under an Apache 2.0 license, and available on Github. Access to the source code allows you to more easily integrate your applications, troubleshoot problems, and build more reliable and performant applications that use AWS IoT Greengrass.

#aws greengrass #aws re:invent #internet of things #aws