No. AWS Connected Device Framework is not a new service, but a suite of production-grade micro-services (referred to as modules) that a customer can own and deploy to their accounts to help build common device management patterns using AWS services.
AWS Connected Device Framework currently includes the following set of components across various device lifecycle stages.
The current release offers the following:
- Secure bulk certificate creation
- Flexible device provisioning
- Greengrass bulk provisioning
- Automated Greengrass device installation and configuration
- Expiring certificate detection
- Certificate vending
- Asset management, as well as auditing capabilities
- Real-time notifications via email, SMS and/or mobile push
- Device connectivity tracking
- OTA flows
- Reference CI/CD pipelines including automated integration testing
- Device simulation, as well as platform load testing tools
- Various authentication / authorization methods supported
AWS Connected Device Framework takes an opinionated approach to implementing the features listed above. This helps you get up and running quickly. If these features are not an exact match for what you want, you can customize the framework through well-defined interfaces. In the current version, you may customize the authentication and authorization provider, device onboarding workflow, device metadata, asset data, and OTA. If customization does not meet your needs either, you can extend the base framework at well-defined extension points to implement functionality that suits your needs.
Yes, you may modify the framework. We encourage customers to contribute enhancements to the framework.
There is no additional charge for AWS Connected Device Framework. However, you will be charged for usage of underlying AWS services as per the published pricing for those services.
The AWS CDF is comprised of the following modules:
- Bulk certs
- Provisioning
- Greengrass V2 provisioning
- Device Patcher
- Certificate renewal
- Certificate vendor
- Certificate activator
- Asset Library
- Asset Library history
- Notifications
- Device Monitoring
- Commands
- Device Simulator
- Platform load tester
Devices interacting with AWS CDF over MQTT are authenticated via X.509 certificates. Devices and/or users interacting with AWS CDF over HTTPS may use Cognito, Lambda request authorizers, Lambda token authorizers, IAM, API key, or private API gateways.
In addition, the Asset Library supports a fine-grained access control method to allow for granular authorization management such as in multi-tenant scenarios.
Q. I have unique requirements for device onboarding requiring specific activities to be performed during this phase. How can I leverage AWS Connected Device Framework?
The Provisioning component included in the framework does not impose any specific activity and allows you to specify a custom workflow of onboarding activities. With this approach, you can completely customize the activities that need to be carried out during device onboarding.
The framework is built on native AWS services. The provided reference applications are built on the serverless paradigm, making them highly scalable and fault tolerant. You can customize these applications to create your own highly scalable application. If you make any changes to underlying modules, please follow the AWS best practices to ensure high availability and scalability.