© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
IOT204
Introduction to IoT in the CloudLearn about AWS IoT and listen to Amway’s story on
its journey to a leading connected company
What to Expect from the Session
Overview of the AWS IoT Service
What’s new this year
- The Console
- Operational Analytics
- Security
Learn from our customers. Here with us:
Beginning of a Massive Disruption
Data generation and access are changing fast
Human generated data
Sporadic interactions
Partial view of the world
Machines generated data
Continuous interactions
Complete view of the world
The beginning needs strong foundations
Three pillars for IoT
Simplicity Scale Security
AWS IoT Platform
All in one service
Message Broker
+ Rules Engine
+ Shadow
+ Registry
All for $5/M Msg*
Managed service
No installation
Automatic scaling
No pre-provisioning
Redundant across AZ
Pay as you go
* Varies by Region
Simple Pay as you go and Predictable Pricing
AWS IoT
• No minimum fees
• $5 per million messages published to, or delivered
in US East (N. Virginia), US West (Oregon), Ireland,
Germany, $6/M in Korea, Australia, $8/M in Asia
Pacific (Tokyo, and Singapore),
Free Tier250,000 Messages Per Month Free for first 12 Months
Enterprise Discounts AvailableFor large volumes our Enterprise Sales team is engaged
Working backward from customers
Pace of innovation
AWS IoT Beta
MQTT, HTTP
Rule Engine
Registry
C, Node SDK
Shadow
GA Launch
IPv6 Support
iOS SDK
• New Region: FRA, SIN
• Bring Your Own Certificate
• AWS CloudTrail Integration
• Amazon Machine Learning
• 24h WebSocket cnx
• Rule Engine versions
• ECC Support (w/ forward
secrecy)
• Binary payloads support
• Simulator ref design
• Real-time alerts in console
• QoS1 for shadow
• MQTT over
WebSocket
• MQTT client in Console
• Custom Keep Alive
intervals
• Logging configuration
in Console
• Amazon CloudWatch
integration
• Android SDK
• New Rule Actions
• CloudWatch Logs
• CloudWatch Alarms
• Amazon
Elasticsearch Service
• Thing Types
• Thing Shadow attributes in
Rule Engines
• Device Presence
• Security: JITR
• New Console
• New IoT at the Edge
(limited preview)
• Variable attributes in
Policies
• New Operational
Dashboards
OCT 15
2015 2016
DEC 15
New Onboarding Wizard: Connect in 9x faster
Choose how you want to
connect
And what language you
need
Configure in 3 steps
We create everything you need for you
Including Registry objects, certificates,
permissions, setup files, testing scripts
Validate. It Works!
Complete Console Redesign
Clear navigation
Operational dashboards
Onboarding experience
Deep Dive on Operational Dashboards
Operational Analytics platform and things level
Connection success counts
Protocol usage and traffic types
Messages publish counts
Rules execution counts
General Dashboard
Life cycle events
Messages directions
Custom Metrics!
Things Metrics
Certificate Metrics
Failed Authentications
Failed Authorizations
Security
X509 Certificates + TLS1.2
Security with AWS IoT
• Mutual Authentication using X509 Certificate, or
SigV4 for HTTPS and WebSocket
• Bring your own CSR or Certificate (BYOC) and
Just-In-Time Registration
• Support for RSA and ECC w/ Forward Secrecy
• 18 TLS Cipher Suites (incl. AES128-GCM-SHA256)
• Policy based access with dynamic values
• Role based Rules Action execution
• Partnership in Security with Atmel on the
ECC508
We turned one of the hardest security problem of securing
IoT devices into a BOM of a few cents
Everette Binger, Sr. IoT Solution Architect
Mike Gartner, Sr. IoT Platform Architect
26
WHO ARE WE?
27
AT A GLANCE
Everette Binger
12 Years at Amway
6 Years Solution Architecture
Mike Gartner
5 Years at Amway
12 Years Platform Architect
28
WHY IoT?
29
WHY IoT?
“In 2016, 5.5 million new things will get connected every day.” - Gartner, Inc.
30
Creating value for the One , the Many , the Al l
31
HOW?
32
How Did We Do This?
Adding a brand new business capability to our organization requires the understanding that key areas within the organization need to change.
“A connected device
requires a connected
organizat ion .”
33
Connected Organization
34
Agi le Approach
AN EMPOWERED TEAM consists of everything needed to create a product, including a
single point of contact for defining and prioritizing the tasks within the team.
35
REALLY HOW?
36
Architecture
Command and Control
mobile client
Amway
“Thing”
AWS
IoT
Device
Shadow
Historian
Topic
IoT
Topic
AWS
LambdaAmazon
DynamoDB
Historian
Rule
IoT
Rule
Amazon
Kinesis
Firehose
Amazon
EMR
Amazon
S3
Amazon
DynamoDB
JITR
Amazon
Cognito
Amazon API
Gateway
AWS
Lambda
Telemetry
Firmware Update
Thing Pairing
JITR
37
Just In T ime Registrat ion
Amway
“Thing”
Device
Registry
$aws/events/certific
ates/registered/caC
ertificateID
IoT
actionAWS
Lambda
Amazon
DynamoDB
Custom/{SHA256}IoT
actionAWS
Lambda
Amazon
DynamoDB
Robust IoT
policy
2
3 4 5
67
1
6
9
9
AWS
IoT
8
Basic IoT
policy
IoT
shadow
Custom/accepted
X
38
Connected Experience - DEMO
• Remote controlling the device On/off | Modes | Fan Speed
• Seeing the device status Fan Speed | Mode | Dust Levels
• View filter status Filter Life | Filters Installed
• Indoor Air Quality Monitor (AQI)Outdoor Air Quality Coming Soon!
Thank you!