-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathiot.go
More file actions
150 lines (120 loc) · 4.01 KB
/
iot.go
File metadata and controls
150 lines (120 loc) · 4.01 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
package ggprov
import (
"fmt"
"log"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/iot"
"github.com/pkg/errors"
)
// Thing an aws thing
type Thing struct {
Name string
Arn string
}
// IotPolicy IAM role
type IotPolicy struct {
Name string
Arn string
}
// IotEndpoint IoT Service Endpoint
type IotEndpoint struct {
Hostname string
}
// ThingCreds the certificates and keys for aws thing
type ThingCreds struct {
CertificateArn string
CertificatePem string
PrivateKey string
PublicKey string
}
func newThing(ctresp *iot.CreateThingOutput) *Thing {
return &Thing{
Name: aws.StringValue(ctresp.ThingName),
Arn: aws.StringValue(ctresp.ThingArn),
}
}
func newPolicy(policyName *string, policyArn *string) *IotPolicy {
return &IotPolicy{
Name: aws.StringValue(policyName),
Arn: aws.StringValue(policyArn),
}
}
func newEndpoint(deresp *iot.DescribeEndpointOutput) *IotEndpoint {
return &IotEndpoint{
Hostname: aws.StringValue(deresp.EndpointAddress),
}
}
func newThingCreds(ckacresp *iot.CreateKeysAndCertificateOutput) *ThingCreds {
return &ThingCreds{
CertificateArn: aws.StringValue(ckacresp.CertificateArn),
CertificatePem: aws.StringValue(ckacresp.CertificatePem),
PrivateKey: aws.StringValue(ckacresp.KeyPair.PrivateKey),
PublicKey: aws.StringValue(ckacresp.KeyPair.PublicKey),
}
}
// CreateThing create an AWS IoT thing
func (s *Svcs) CreateThing(thingName string) (*Thing, error) {
log.Println("Creating thing")
ctresp, err := s.IoTAPI.CreateThing(&iot.CreateThingInput{
ThingName: aws.String(thingName),
})
if err != nil {
return nil, errors.Wrap(err, "Failed to create thing")
}
return newThing(ctresp), nil
}
// CreateKeysAndCertificates create and active thing certificates and keys
func (s *Svcs) CreateKeysAndCertificates() (*ThingCreds, error) {
log.Println("Creating thing certificates")
ckacresp, err := s.IoTAPI.CreateKeysAndCertificate(&iot.CreateKeysAndCertificateInput{
SetAsActive: aws.Bool(true),
})
if err != nil {
return nil, errors.Wrap(err, "Failed to create thing certificates and keys")
}
return newThingCreds(ckacresp), nil
}
// CreateThingPolicy create a thing policy
func (s *Svcs) CreateThingPolicy(thingName string) (*IotPolicy, error) {
log.Println("Creating thing policy for", thingName)
return s.CreateIotPolicy(fmt.Sprintf("%s-DEPLOYMENT-IOT-Policy", thingName), ggThingPolicyDocument)
}
// CreateIotPolicy create an iam policy
func (s *Svcs) CreateIotPolicy(policyName, document string) (*IotPolicy, error) {
log.Println("Get service policy")
cpresp, err := s.IoTAPI.CreatePolicy(&iot.CreatePolicyInput{
PolicyName: aws.String(policyName),
PolicyDocument: aws.String(document),
})
if err != nil {
return nil, errors.Wrap(err, "Failed to create policy")
}
return newPolicy(cpresp.PolicyName, cpresp.PolicyArn), nil
}
// AttachPrincipalPolicy attach the thing policy to the principal
func (s *Svcs) AttachPrincipalPolicy(thingCreds *ThingCreds, policy *IotPolicy) error {
log.Println("Attach policy to principal", thingCreds.CertificateArn, policy.Name)
_, err := s.IoTAPI.AttachPrincipalPolicy(&iot.AttachPrincipalPolicyInput{
Principal: aws.String(thingCreds.CertificateArn),
PolicyName: aws.String(policy.Name),
})
return errors.Wrap(err, "Failed to attach Policy to Principal")
}
// AttachThingPrincipal attach thing to principal
func (s *Svcs) AttachThingPrincipal(thing *Thing, thingCreds *ThingCreds) error {
log.Println("Attach thing to principal")
_, err := s.IoTAPI.AttachThingPrincipal(&iot.AttachThingPrincipalInput{
Principal: aws.String(thingCreds.CertificateArn),
ThingName: aws.String(thing.Name),
})
return errors.Wrap(err, "Failed to attach Thing to Principal")
}
// GetIoTEndpoint get the iot endpoint information
func (s *Svcs) GetIoTEndpoint() (*IotEndpoint, error) {
log.Println("Get IoT Endpoint")
geresp, err := s.IoTAPI.DescribeEndpoint(&iot.DescribeEndpointInput{})
if err != nil {
return nil, errors.Wrap(err, "Failed to retrieve endpoint")
}
return newEndpoint(geresp), nil
}