Connection module for Amazon IoT
New in version 2016.3.0.
boto
boto3
The dependencies listed above can be installed via package or pip.
This module accepts explicit Lambda credentials but can also utilize IAM roles assigned to the instance through Instance Profiles. Dynamic credentials are then automatically obtained from AWS API and no further configuration is necessary. More Information available at:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html
If IAM roles are not used you need to specify them either in a pillar or in the minion's config file:
iot.keyid: GKTADJGHEIQSXMKKRBJ08H
iot.key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
A region may also be specified in the configuration:
iot.region: us-east-1
If a region is not specified, the default is us-east-1.
It's also possible to specify key, keyid and region via a profile, either as a passed in dict, or as a string to pull from pillars or minion config:
myprofile:
keyid: GKTADJGHEIQSXMKKRBJ08H
key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
region: us-east-1
Attach the specified policy to the specified principal (certificate or other credential.)
Returns {attached: true} if the policy was attached {attached: False} if the policy was not attached.
CLI Example:
salt myminion boto_iot.attach_principal_policy mypolicy mycognitoID
Given a valid config, create a policy.
Returns {created: true} if the policy was created and returns {created: False} if the policy was not created.
CLI Example:
salt myminion boto_iot.create_policy my_policy \
'{"Version":"2015-12-12",\
"Statement":[{"Effect":"Allow",\
"Action":["iot:Publish"],\
"Resource":["arn:::::topic/foo/bar"]}]}'
Given a valid config, create a new version of a policy.
Returns {created: true} if the policy version was created and returns {created: False} if the policy version was not created.
CLI Example:
salt myminion boto_iot.create_policy_version my_policy \
'{"Statement":[{"Effect":"Allow","Action":["iot:Publish"],"Resource":["arn:::::topic/foo/bar"]}]}'
Given a valid config, create a thing type.
Returns {created: true} if the thing type was created and returns {created: False} if the thing type was not created.
New in version 2016.11.0.
CLI Example:
salt myminion boto_iot.create_thing_type mythingtype \
thingtype_description_string '["searchable_attr_1", "searchable_attr_2"]'
Given a valid config, create a topic rule.
Returns {created: true} if the rule was created and returns {created: False} if the rule was not created.
CLI Example:
salt myminion boto_iot.create_topic_rule my_rule "SELECT * FROM 'some/thing'" \
'[{"lambda":{"functionArn":"arn:::::something"}},{"sns":{\
"targetArn":"arn:::::something","roleArn":"arn:::::something"}}]'
Given a policy name, delete it.
Returns {deleted: true} if the policy was deleted and returns {deleted: false} if the policy was not deleted.
CLI Example:
salt myminion boto_iot.delete_policy mypolicy
Given a policy name and version, delete it.
Returns {deleted: true} if the policy version was deleted and returns {deleted: false} if the policy version was not deleted.
CLI Example:
salt myminion boto_iot.delete_policy_version mypolicy version
Given a thing type name, delete it.
Returns {deleted: true} if the thing type was deleted and returns {deleted: false} if the thing type was not deleted.
New in version 2016.11.0.
CLI Example:
salt myminion boto_iot.delete_thing_type mythingtype
Given a rule name, delete it.
Returns {deleted: true} if the rule was deleted and returns {deleted: false} if the rule was not deleted.
CLI Example:
salt myminion boto_iot.delete_rule myrule
Given a thing type name, deprecate it when undoDeprecate is False and undeprecate it when undoDeprecate is True.
Returns {deprecated: true} if the thing type was deprecated and returns {deprecated: false} if the thing type was not deprecated.
New in version 2016.11.0.
CLI Example:
salt myminion boto_iot.deprecate_thing_type mythingtype
Given a policy name describe its properties.
Returns a dictionary of interesting properties.
CLI Example:
salt myminion boto_iot.describe_policy mypolicy
Given a policy name and version describe its properties.
Returns a dictionary of interesting properties.
CLI Example:
salt myminion boto_iot.describe_policy_version mypolicy version
Given a thing type name describe its properties.
Returns a dictionary of interesting properties.
New in version 2016.11.0.
CLI Example:
salt myminion boto_iot.describe_thing_type mythingtype
Given a topic rule name describe its properties.
Returns a dictionary of interesting properties.
CLI Example:
salt myminion boto_iot.describe_topic_rule myrule
Detach the specified policy from the specified principal (certificate or other credential.)
Returns {detached: true} if the policy was detached {detached: False} if the policy was not detached.
CLI Example:
salt myminion boto_iot.detach_principal_policy mypolicy mycognitoID
List all policies
Returns list of policies
CLI Example:
salt myminion boto_iot.list_policies
Example Return:
policies:
- {...}
- {...}
List the versions available for the given policy.
CLI Example:
salt myminion boto_iot.list_policy_versions mypolicy
Example Return:
policyVersions:
- {...}
- {...}
List the policies attached to the given principal.
CLI Example:
salt myminion boto_iot.list_principal_policies myprincipal
Example Return:
policies:
- {...}
- {...}
List all rules (for a given topic, if specified)
Returns list of rules
CLI Example:
salt myminion boto_iot.list_topic_rules
Example Return:
rules:
- {...}
- {...}
Given a policy name, check to see if the given policy exists.
Returns True if the given policy exists and returns False if the given policy does not exist.
CLI Example:
salt myminion boto_iot.policy_exists mypolicy
Given a policy name and version ID, check to see if the given policy version exists.
Returns True if the given policy version exists and returns False if the given policy version does not exist.
CLI Example:
salt myminion boto_iot.policy_version_exists mypolicy versionid
Given a valid config, replace a topic rule with the new values.
Returns {created: true} if the rule was created and returns {created: False} if the rule was not created.
CLI Example:
salt myminion boto_iot.replace_topic_rule my_rule 'SELECT * FROM some.thing' \
'[{"lambda":{"functionArn":"arn:::::something"}},{"sns":{\
"targetArn":"arn:::::something","roleArn":"arn:::::something"}}]'
Sets the specified version of the specified policy as the policy's default (operative) version. This action affects all certificates that the policy is attached to.
Returns {changed: true} if the policy version was set {changed: False} if the policy version was not set.
CLI Example:
salt myminion boto_iot.set_default_policy_version mypolicy versionid
Given a thing type name, check to see if the given thing type exists
Returns True if the given thing type exists and returns False if the given thing type does not exist.
New in version 2016.11.0.
CLI Example:
salt myminion boto_iot.thing_type_exists mythingtype
Given a rule name, check to see if the given rule exists.
Returns True if the given rule exists and returns False if the given rule does not exist.
CLI Example:
salt myminion boto_iot.topic_rule_exists myrule