The Internet of Things on AWS – Official Blog
AWS IoT Greengrass now supports the Windows operating system
Introduction
Microsoft Windows is a common operating system for devices used in industrial automation. Customers using AWS IoT Greengrass have been restricted to Linux based devices until now. Today we are excited to announce native Windows support for AWS IoT Greengrass v2. This will allow customers to leverage AWS IoT Greengrass on their Windows based devices to locally collect and push data to AWS IoT and other services. In this blog, we will run through how to install and use AWS IoT Greengrass on Windows.
Time to read | 15 minutes |
Time to complete | 30 minutes |
Learning level | 200 |
Services used | AWS IoT Greengrass, AWS Identity and Access Management, Amazon S3 |
Cost to complete (estimated) | $1 |
Walkthrough
AWS IoT Greengrass for Windows can be installed using the quick install method, an automated process that is run on the AWS IoT Greengrass device to provision the relevant device and AWS services. Alternatively, you can deploy the device pre-provisioned with the certificates required to connect to AWS IoT at a later date. In this blog, we will use the quick install method via the AWS console to set up one device. I will be using Microsoft Windows 10 Enterprise in the following example.
We will run through the following steps:
- Navigate to AWS IoT Greengrass getting started guide.
- Install Java on the device.
- Create an AWS IAM user who has permissions to provision a device.
- Install version 2 of the AWS Command Line Interface (CLI) on the device
- Create a local user on the Windows machine that will run AWS IoT Greengrass.
- Download and run the AWS IoT Greengrass installer.
- Checking that AWS IoT Greengrass is installed and running.
- Create and deploy your first AWS IoT Greengrass component.
Prerequisites
- An AWS account. If you don’t have one, you can follow the steps in the Developer Guide under Set up an AWS account.
- The use of an AWS Region. In this blog I have selected eu-west-1, Ireland. For the list of AWS IoT Greengrass v2 supported Regions, see AWS IoT Greengrass V2 endpoints and quotas in the AWS General Reference
- An AWS Identity and Access Management (IAM) user with administrator permissions to create and edit users.
- A Windows, macOS, or Unix-like development computer with an internet connection.
- A device that meets the Requirements to install and run the AWS IoT Greengrass Core software v2.0 and has an internet connection to access the AWS cloud services.
Step 1. Navigate to AWS IoT Greengrass getting started guide
- Navigate to the AWS IoT Core console.
- Expand Greengrass.
- Choose Getting started.
- Choose Set up one core device.
- In the Install the Greengrass Core software section, select Windows.
- This blog will walk you through the steps on the Windows device to install AWS IoT Greengrass.
Step 2. Install Java on the device
The first step is to install Java or check that Java is installed on the device. A minimum of Java version 8 is required as AWS IoT Greengrass components, such as the nucleus, are written in Java to provide better portability between platforms.
To check if Java is installed:
- Open command prompt (enter command prompt in the windows search bar).
- Enter
java -version
If you have java installed you will see the version in the output.
If Java is not installed you will get a message: ‘java’ is not recognized as an internal or external command, operatable program or batch file.
You can download and install OpenJava or Corretto from the Corretto 11 User Guide. You may have to restart the machine after installing Java.
Step 3. Create an AWS IAM user who has permissions to provision a device
The next step is to configure the AWS credentials. On the device you will need to provide the credentials of an AWS IAM user that has permissions to create and provision the AWS IoT Greengrass device. This is only needed since we are following the quick start method. In production or for a large number of devices we would automate this process.
- Open the AWS console and navigate to the IAM Console.
- Choose Users.
- Choose Add users.
- For name enter GGv2ProvisionUser.
- Select the Access key as we will only use this IAM user via the CLI.
- Choose Next: Permissions.
- Choose Attach existing policies directly.
- Search and select IAMFullAccess. This is used to create the new AWS IoT Greengrass user accounts and roles.
- Search and select AWSIoTFullAccess. This is used to create the device.
- Search and select AWSGreengrassFullAccess. This is used to update the AWS IoT Greengrass service.
- Choose Next: Tags.
- Choose Next: Review.
- Choose Create user.
- Choose Download .csv button to save the login credentials access key and secret access key.
- Choose Close.
Step 4. Install version 2 of the AWS Command Line Interface (CLI) on the device
Next, we will configure the AWS CLI with the user we created in step 2.
- Install the AWS CLI on the device. You can follow the Getting started with the AWS CLI in the AWS Command Line Interface User Guide. Once installed you will have to reboot the machine.
- Open command prompt (enter command prompt in the windows search bar).
- Enter aws configure into the command prompt windows and press the enter key.
- Enter the AWS Access Key ID that you generated in step 3.
- Enter the AWS Secret Access key that you generated in step 3.
- Enter the Default region name, in my case I am using Ireland so eu-west-1.
- Enter the default output format type json.
Step 5. Create a local user on the Windows machine that will run AWS IoT Greengrass.
Next, we will create a local user for the AWS IoT Greengrass device to use. To do this we need to install psexec.exe
- Download PSExec from the Sysinternals downloads page and extract the zip file.
- Copy psexec.exe to C:\Windows\System32.
- Open Command Prompt as Administrator. (Enter command prompt in the windows search bar and choose Run as administrator.)
- Choose Yes if prompted by the UAC pop up.
- Run the following command to create a new user. Replace <password> with a secure password.
-
net user /add ggc_user <password>
-
- Now run the following command to store the password in the system account so that the AWS IoT Greengrass can access it. Replace <password> with the password you used in the previous step.
-
cd C:\Windows\System32
-
psexec -s cmd /c cmdkey /generic:ggc_user /user:ggc_user /pass:<password>
-
Step 6. Download and run the AWS IoT Greengrass installer
In this blog, we will use the getting started guide to setup one core device within minutes.
- Login to the AWS console and navigate to AWS IoT Core.
- Expand Greengrass from the left menu and choose Getting started.
- Choose Set up one core device.
- For core device name and thing group you may use the default.
- Under Step 3: Install the Greengrass Core software, select Windows.
- Choose Download.zip.
- Unzip the AWS IoT Greengrass v2 files.
- Open Command Prompt as Administrator. (Enter command prompt in the windows search bar and choose Run as administrator.)
- Navigate to the folder where you have unzipped the files, in my case:
D:\Users\paulshiner\Desktop\gg>
- Run the command under Run the installer. You should see an output with a message that it successfully provisioned AWS IoT resources, added Thing into Thing Group, configured Nucleus, and setup Nucleus as a system service.
- After the installation process completes, you can proceed to next step.
Step 7. Checking that AWS IoT Greengrass is installed and running.
Now we will check the device is showing in the AWS console.
- Navigate to the AWS IoT Core console.
- Select Greengrass.
- Choose Core devices.
- The device you created in step 6 will be listed under Greengrass core devices.
- Check that AWS IoT Greengrass is installed and running as a system service by opening Services (enter services in the Windows search bar).
- Review the list of services for greengrass and the status is running. If not, repeat the installation steps in step 6 and check for errors. You can also review Troubleshooting AWS IoT Greengrass V2 in the Developer Guide.
Step 8. Create and deploy your first AWS IoT Greengrass component
In this blog we will create a simple batch file that we can deploy to the device. This batch file will log the current OS version to a text file which we can then upload or retrieve remotely. I have chosen a batch file to show one of the simplest operations that AWS IoT Greengrass can run. You may want to run an executable or Python code to retrieve data from a 3rd party system..
- Create a file called software.bat with the following contents:
-
@ECHO OFF >hardware.txt ( :: This batch file will discover the windows version we are using and store to a text file TITLE My System Info ECHO ========================== ECHO WINDOWS INFO ECHO ============================ systeminfo | findstr /c:"OS Name" systeminfo | findstr /c:"OS Version" systeminfo | findstr /c:"System Type" )
-
- We will store this file in Amazon S3 under a folder structure that can be used to manage the versions.
- Navigate to Amazon S3 Console.
- Choose Create Bucket.
- Give your bucket a globally unique name (greengrasscomponents + a random string such as the date/time of creation).
- Choose the Region that your AWS IoT Greengrass device was installed.
- Choose Create bucket.
- When you return to the previous screen select the bucket name that you just created.
- Choose Create folder.
- For Folder name, enter artifacts.
- Navigate into that folder and create another folder called com.example.software.
- Navigate into that folder and create another folder called 1.0.0 this will be used to hold our first version of the code.
- You should now have a folder structure that resembles greengrasscomponents_<unique name>/artifacts/com.example.software/1.0.0/
- Choose Upload and select software.bat file that you created earlier into the 1.0.0 folder.
- Now select the link software.bat file in this folder.
- Choose the S3 URI to copy that link. We will need that in the recipe file.
Now we need to make sure the AWS IoT Greengrass role has access to read the files from the Amazon S3 bucket before we can try to deploy the component.
- Navigate to the AWS IoT Core console.
- Select Secure.
- Select Role Aliases.
- The role alias that was created during the AWS IoT Greengrass installer process will be listed.
- Choose the role.
- Choose Edit IAM Role
- The link should open the IAM console for that role.
- Choose the Permissions tab. A GreengrassV2TokenExchangeRoleAccess policy is listed. You may have to expand the list.
- Choose Edit Policy
- Choose + Add additional permissions.
- Choose the service Amazon S3 by expanding the Choose a Service and searching for S3.
- Next expand the Read section under the Access level heading and select the following check boxes GetObject and GetBucketLocation.
- Expand the Resources section using the arrow.
- Choose Add ARN next to bucket. A window will open that will prompt you to enter your bucket name in my case this is greengrasscomponents_<unique name>.
- Select Add.
- Choose Add ARN next to object. A window will open that will prompt you to enter the bucket name and object name. Enter your bucket name (in my case this is greengrasscomponents_<unique name>).
- Select the Any box next to the Object name entry box to allow the policy to get all objects in this bucket.
- Choose Review policy.
- Choose Save Changes.
Now we are ready to create our first component to deploy and run on our Windows AWS IoT Greengrass device.
- Navigate to the AWS IoT Core console.
- Choose Components.
- Choose Create component.
- Enter the recipe below:
- Replace <bucket_name> with the name you chose in step 8.
-
{ "RecipeFormatVersion": "2020-01-25", "ComponentName": "com.example.software", "ComponentVersion": "1.0.0", "ComponentDescription": "My batch file", "ComponentPublisher": "Me", "ComponentConfiguration": { "DefaultConfiguration": { } }, "Manifests": [ { "Name": "windows", "Platform": { "os": "windows" }, "Lifecycle": { "Run": "{artifacts:path}/software.bat" }, "Artifacts": [ { "Uri": "s3://<bucket_name>/artifacts/com.example.software/1.0.0/software.bat" } ] } ] }
- Choose Create component.
- Choose Deploy.
- Select your Deployment group for your Windows device.
- Select the deploy button. You will return to the deployment screen where you can select the IoT Job which will show you the current status of the deployment. Wait until the deployment status is marked as successful before moving to the next step.
- On your windows device navigate to the AWS IoT Greengrass work folder (C:\greengrass\v2\work\com.example.software) using windows explorer. The batch file has created a hardware.txt file that will contain the results from the script.
- The file will contain the Windows information collected from the batch script. The contents of the document for my machine are as follows:
- AWS IoT Greengrass has an ever-growing repository of public open source components. You can see more examples in the Developer Guide, AWS-provided components. One of them is Log Manager. With Log Manager you can retrieve this log file or any files and send them securely to Amazon CloudWatch logs.
Clean Up
With AWS IoT Greengrass you only pay for what you use. You are charged per device connected so by disconnecting the device, you will no longer be charged. You can find the current pricing on the product page under AWS IoT Greengrass pricing.
To delete the device from your AWS IoT account, follow these steps:
- Navigate to the AWS IoT Core console.
- Select Manage then select Things.
- Select the checkbox next to your device and choose Delete.
- Confirm the name of the device in the prompt and choose Delete.
You will be charged for the storage of the artifacts within the Amazon S3 bucket. To delete the objects in the Amazon S3 bucket and the bucket, follow the steps in the Amazon Simple Storage Service (S3) User Guide under Deleting a bucket.
Conclusion
In this blog we have demonstrated how AWS IoT Greengrass can now be used on Windows devices to deploy and run specific tools to help solve commonly encountered challenges in IoT development. AWS IoT Greengrass comes with many pre-built components that help you solve various IoT challenges quickly and easily. You can use these components to start building your IoT solution on Windows today.
For more information, visit the Getting started with AWS IoT Greengrass V2 page in the Developer Guide. To learn more about this release, read the AWS IoT Greengrass v2.5 release notes. To see a set of supported components on Windows, visit the AWS IoT Greengrass public components list.
About the authors
Paul Shiner is a Senior IoT specialist based in the UK helping customers solve their business issues with IoT. | |
Kash Patel is a Senior Technical Product Manager in the US helping customers build scalable IoT solutions using AWS. |