I’m working with AWS IoT Core and using Device Shadows to control an IoT device (ESP32 connected to a relay to turn ON/OFF a motor), Right now, any user can turn the motor ON/OFF by updating the device shadow with:
"state": {
"desired": {
"status": "ON",
"duration": 5,
}
}
Current architecture
- Users send a shadow update
- ESP32 listens to the delta shadow update topic and switches the motor ON
- A Lambda function listens to delta updates and triggers a Step Function for delayed shutdown.
- After the delay, another Lambda updates the shadow
state.desired.status: "OFF"
What I Need Help With
I want to introduce an admin role that can:
- Override any user command and immediately turn the motor OFF.
- Turn the motor ON indefinitely (without a time limit).
My Questions:
What is the best practice for enforcing admin control in AWS IoT Core involving Device Shadows?
Should I handle this in shadow update logic, IAM policies, AWS Cognito roles, or MQTT topic separation?
How do I prevent users from overriding an admin's action?
Would appreciate any guidance or examples!
I’m working with AWS IoT Core and using Device Shadows to control an IoT device (ESP32 connected to a relay to turn ON/OFF a motor), Right now, any user can turn the motor ON/OFF by updating the device shadow with:
"state": {
"desired": {
"status": "ON",
"duration": 5,
}
}
Current architecture
- Users send a shadow update
- ESP32 listens to the delta shadow update topic and switches the motor ON
- A Lambda function listens to delta updates and triggers a Step Function for delayed shutdown.
- After the delay, another Lambda updates the shadow
state.desired.status: "OFF"
What I Need Help With
I want to introduce an admin role that can:
- Override any user command and immediately turn the motor OFF.
- Turn the motor ON indefinitely (without a time limit).
My Questions:
What is the best practice for enforcing admin control in AWS IoT Core involving Device Shadows?
Should I handle this in shadow update logic, IAM policies, AWS Cognito roles, or MQTT topic separation?
How do I prevent users from overriding an admin's action?
Would appreciate any guidance or examples!
Share Improve this question edited Mar 20 at 5:20 Musab Gulfam 32 bronze badges asked Mar 19 at 9:37 Musab GulfamMusab Gulfam 1822 silver badges9 bronze badges1 Answer
Reset to default 0To override a user command and immediately turn the motor OFF, we can use AWS Step Functions with a conditional check for adminOverride. If adminOverride is true, the Step Function bypasses the usual delay and immediately triggers the motor shutdown via a Lambda function.
How It Works
AWS IoT Rules detects when an admin publishes to a certain topic which triggers the AWS Step Function with payload
adminOverrideproperty set to totrueThe Step Function checks for
adminOverride.If
true, it triggers the motor shutdown immediately.Otherwise, it follows the default wait time before shutting down the motor.
Step Function Definition
{
"Comment": "Conditional flow with admin override OR delay",
"StartAt": "Check Admin Override",
"States": {
"Check Admin Override": {
"Type": "Choice",
"Choices": [
{
"Variable": "$.adminOverride",
"BooleanEquals": true,
"Next": "TriggerMotorShutdown"
}
],
"Default": "Wait"
},
"Wait": {
"Type": "Wait",
"TimestampPath": "$.delayTimestamp",
"Next": "TriggerMotorShutdown"
},
"TriggerMotorShutdown": {
"Type": "Task",
"Resource": "arn:aws:states:::lambda:invoke",
"OutputPath": "$.Payload",
"Parameters": {
"FunctionName": "arn:aws:lambda:us-east-1:xxxxxxxxxx:function:TriggerMotorShutdown:$LATEST",
"Payload": {
"input.$": "$"
}
},
"Retry": [
{
"ErrorEquals": [
"Lambda.ServiceException",
"Lambda.AWSLambdaException",
"Lambda.SdkClientException",
"Lambda.TooManyRequestsException"
],
"IntervalSeconds": 1,
"MaxAttempts": 3,
"BackoffRate": 2,
"JitterStrategy": "FULL"
}
],
"End": true
}
}
}