This CDK stack generates a custom raspbian image which automates onboarding of Raspberry Pi devices to AWS IoT Core.
- Create a custom raspbian based image which:
- Enables connection to a WiFi network.
- Sets a unique hostname for the device based on its Ethernet MAC address. As an example a Ethernet MAC address of dc:a6:32:01:23:45 will result in a hostname of dca632012345.
- Requests a fully functional identity on first boot with the necessary IoT permissions that the device can use for subsequent communication with AWS IoT Core.
- The aws-cli must be installed and configured with an AWS account on the deployment machine (see https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-install.html for instructions on how to do this on your preferred development platform).
- This project requires Node.js and yarn. To make sure you have them available on your machine, try running the following command.
yarn -v && node -v
You can do it from the AWS console or from the command line:
aws secretsmanager create-secret --name RPI_WIFI_PASSWORD \
--description "RaspberryPi Wifi Password" \
--secret-string 'redacted'
Update the Wifi network SSID/country and public SSH key used to connect to your devices in the lib/utils/constants.ts file.
Deploy this stack to your AWS account/region:
yarn && yarn build
yarn cdk deploy '*'
The CDK stack creates a CodePipeline which builds the custom raspbian image and stores it in S3.
Once the stack is deployed, you can check the progress of the pipeline in the AWS console. Once the pipeline is completed, download the custom raspbian image from S3 (Check the "Artifacts upload location" in the Codebuild project to find the S3 bucket).
Unzip the image and write it on your Raspberry Pi sd card
unzip aws-raspbian.zip
# Find the SD card external disk
diskutil list external
# Write the image (replace /dev/disk123abcd with the name of the SD card external disk)
diskutil unmountDisk /dev/disk123abcd
sudo dd bs=1m if=aws-raspbian.img of=/dev/disk123abcd conv=sync
A Raspberry Pi booting using this image will automatically requests a fully functional identity on first boot with the necessary IoT permissions that the device can use for subsequent communication with AWS IoT Core (see rpi-image-builder/firstboot.bash).
Assuming you're on the same Wifi network as a device using this image, you can ssh into a device using its unique hostname and the SSH key you specified in the config:
# Replace dca632012345 with your device name
ssh pi@dca632012345.local
- Provisioning by Claim workflow blog post.
- Edge Reference Client to demonstrate fleet provisioning for AWS IoT Core
- Safely enabling ssh in the default Raspberry Pi OS Image
See CONTRIBUTING for more information.
This library is licensed under the Apache-2.0 License. See the LICENSE file.