aws-apigateway-iot
| Reference Documentation: | https://docs.aws.amazon.com/solutions/latest/constructs/ |
| Language | Package |
|---|---|
|
|
|
|
|
|
|
|
|
Overview
This AWS Solutions Construct implements an Amazon API Gateway REST API connected to AWS IoT pattern.
This construct creates a scalable HTTPS proxy between API Gateway and AWS IoT. This comes in handy when wanting to allow legacy devices that do not support the MQTT or MQTT/Websocket protocol to interact with the AWS IoT platform.
This implementation enables write-only messages to be published on given MQTT topics, and also supports shadow updates of HTTPS devices to allowed things in the device registry. It does not involve Lambda functions for proxying messages, and instead relies on direct API Gateway to AWS IoT integration which supports both JSON messages as well as binary messages.
Here is a minimal deployable pattern definition, note that the ATS endpoint for IoT must be used to avoid SSL certificate issues:
Example
Pattern Construct Props
| Name | Type | Description |
|---|---|---|
|
iotEndpoint |
|
The AWS IoT endpoint subdomain to integrate the
API Gateway with (e.g a1234567890123-ats). Note that this must point to
the ATS endpoint to avoid SSL certificate trust issues. The endpoint can
be retrieved by running
|
|
apiGatewayCreateApiKey? |
|
If set to |
|
apiGatewayExecutionRole? |
IAM Role used by the API Gateway to access AWS IoT. If not specified, a default role is created with wildcard (’*’) access to all topics and things. |
|
|
apiGatewayProps? |
Optional user-provided props to override the default props for the API Gateway. |
|
|
createUsagePlan? |
boolean |
Whether to create a Usage Plan attached to the API. Must be true if apiGatewayProps.defaultMethodOptions.apiKeyRequired is true. @default - true (to match legacy behavior) |
|
logGroupProps? |
User provided props to override the default props for for the CloudWatchLogs LogGroup. |
Pattern Properties
| Name | Type | Description |
|---|---|---|
|
apiGateway |
Returns an instance of the API Gateway REST API created by the pattern. |
|
|
apiGatewayRole |
Returns an instance of the iam.Role created by the construct for API Gateway. |
|
|
apiGatewayCloudWatchRole? |
Returns an instance of the iam.Role created by the construct for API Gateway for CloudWatch access. |
|
|
apiGatewayLogGroup |
Returns an instance of the LogGroup created by the construct for API Gateway access logging to CloudWatch. |
Default settings
Out of the box implementation of the Construct without any override will set the following defaults:
Amazon API Gateway
-
Deploy an edge-optimized API Endpoint
-
Creates API Resources with
POSTMethod to publish messages to IoT Topics -
Creates API Resources with
POSTMethod to publish messages to ThingShadow & NamedShadows -
Enable CloudWatch logging for API Gateway
-
Configure IAM role for API Gateway with access to all topics and things
-
Set the default authorizationType for all API methods to IAM
-
Enable X-Ray Tracing
-
Creates a UsagePlan and associates to
prodstage
Below is a description of the different resources and methods exposed by the API Gateway after deploying the Construct.
| Method | Resource | Query parameter(s) | Return code(s) | Description |
|---|---|---|---|---|
|
POST |
|
qos |
|
By calling
this endpoint, you need to pass the topics on which you would like to
publish (e.g |
|
POST |
|
None |
|
This
route allows to update the shadow document of a thing, given its
|
|
POST |
|
None |
|
This route allows to update the named shadow document of
a thing, given its |
Architecture
Github
Go to the Github repo
