This is a CDK construct that creates an AWS IoT Core Thing with a certificate and policy using aws-sdk-js-v3.
CloudFormation does not support creating a certificate for an IoT Thing, so this construct uses the AWS SDK (from a custom resource) to create a certificate and attach it to the Thing.
This construct is a modified version of the excellent cdk-iot-core-certificate construct, adapted to work with aws-sdk-js-v3.

```sh
npm i cdk-iot-core-certificates-v3
```
```ts
import * as s3 from 'aws-cdk-lib/aws-s3';
import { ThingWithCert } from 'cdk-iot-core-certificates-v3';

declare const saveFileBucket: s3.IBucket;

const { thingArn, certId, certPem, privKey } = new ThingWithCert(this, 'MyThing', {
  // The name of the thing
  thingName: 'MyThing',
  // Whether to save the certificate and private key to the SSM Parameter Store
  saveToParamStore: true,
  // The prefix to use for the SSM Parameter Store parameters
  paramPrefix: 'test',
  // The bucket to save the certificate and private key to
  // Both files are saved at `{thingName}/{thingName}.private.key` and `{thingName}/{thingName}.cert.pem`
  // If not provided, the certificate and private key will not be saved
  saveFileBucket,
});
```
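To show what the SDK-based provisioning described above involves, here is an added example that is not part of this construct's source. It models the control-plane calls a custom-resource handler makes on a Create event (key pair and certificate, thing, policy, attachments) and the reverse sequence on Delete. The real handler would use `@aws-sdk/client-iot` commands such as `CreateKeysAndCertificateCommand`, `CreateThingCommand`, `CreatePolicyCommand`, `AttachPolicyCommand` and `AttachThingPrincipalCommand`; here they sit behind an `IotControlPlane` interface and a constructed in-memory `FakeIot` so the example runs offline. The `thingScopedPolicy` document, the `-Policy` naming, the region and account values are assumptions for illustration, not what the construct itself emits.

```typescript
// Subset of the CreateKeysAndCertificate response the handler relies on.
interface KeysAndCertificate {
  certificateArn: string;
  certificateId: string;
  certificatePem: string;
  keyPair: { PublicKey: string; PrivateKey: string };
}

// Abstract IoT control plane; each method corresponds to one @aws-sdk/client-iot command.
interface IotControlPlane {
  createKeysAndCertificate(i: { setAsActive: boolean }): Promise<KeysAndCertificate>;
  createThing(i: { thingName: string }): Promise<{ thingArn: string }>;
  createPolicy(i: { policyName: string; policyDocument: string }): Promise<void>;
  attachPolicy(i: { policyName: string; target: string }): Promise<void>;
  attachThingPrincipal(i: { thingName: string; principal: string }): Promise<void>;
  detachThingPrincipal(i: { thingName: string; principal: string }): Promise<void>;
  detachPolicy(i: { policyName: string; target: string }): Promise<void>;
  updateCertificate(i: { certificateId: string; newStatus: 'ACTIVE' | 'INACTIVE' }): Promise<void>;
  deleteCertificate(i: { certificateId: string }): Promise<void>;
  deleteThing(i: { thingName: string }): Promise<void>;
  deletePolicy(i: { policyName: string }): Promise<void>;
}

interface ProvisionedThing {
  thingName: string; thingArn: string; policyName: string;
  certId: string; certArn: string; certPem: string; privKey: string;
}

// Assumed least-privilege policy: the device may only connect with a client ID equal to
// its own thing name (iot:Connection.Thing.ThingName is an AWS IoT policy variable).
function thingScopedPolicy(region: string, account: string): string {
  return JSON.stringify({
    Version: '2012-10-17',
    Statement: [{
      Effect: 'Allow',
      Action: 'iot:Connect',
      Resource: `arn:aws:iot:${region}:${account}:client/\${iot:Connection.Thing.ThingName}`,
    }],
  });
}

// Create event. The private key is returned only by CreateKeysAndCertificate and can never
// be fetched again, so it must be captured here and handed to a secret store (SSM, S3).
async function provisionThing(iot: IotControlPlane, thingName: string, policyDocument: string): Promise<ProvisionedThing> {
  const cert = await iot.createKeysAndCertificate({ setAsActive: true });
  const { thingArn } = await iot.createThing({ thingName });
  const policyName = `${thingName}-Policy`;
  await iot.createPolicy({ policyName, policyDocument });
  await iot.attachPolicy({ policyName, target: cert.certificateArn });
  await iot.attachThingPrincipal({ thingName, principal: cert.certificateArn });
  return { thingName, thingArn, policyName, certId: cert.certificateId, certArn: cert.certificateArn,
    certPem: cert.certificatePem, privKey: cert.keyPair.PrivateKey };
}

// Delete event. DeleteCertificate rejects a certificate that is still ACTIVE or attached,
// and DeletePolicy rejects an attached policy, so detach and deactivate first.
async function deprovisionThing(iot: IotControlPlane, t: ProvisionedThing): Promise<void> {
  await iot.detachThingPrincipal({ thingName: t.thingName, principal: t.certArn });
  await iot.detachPolicy({ policyName: t.policyName, target: t.certArn });
  await iot.updateCertificate({ certificateId: t.certId, newStatus: 'INACTIVE' });
  await iot.deleteCertificate({ certificateId: t.certId });
  await iot.deleteThing({ thingName: t.thingName });
  await iot.deletePolicy({ policyName: t.policyName });
}

// Constructed in-memory stand-in for the IoT API: records call order and enforces the
// delete preconditions so the ordering above can be exercised offline.
class FakeIot implements IotControlPlane {
  calls: string[] = [];
  certStatus = new Map<string, 'ACTIVE' | 'INACTIVE'>();
  attachments = new Set<string>(); // "policy:<certArn>" or "thing:<certArn>"
  private n = 0;
  private arnOf(id: string) { return `arn:aws:iot:us-east-1:123456789012:cert/${id}`; }
  async createKeysAndCertificate(i: { setAsActive: boolean }): Promise<KeysAndCertificate> {
    this.calls.push('createKeysAndCertificate');
    const certificateId = `cert${++this.n}`;
    this.certStatus.set(certificateId, i.setAsActive ? 'ACTIVE' : 'INACTIVE');
    return { certificateId, certificateArn: this.arnOf(certificateId),
      certificatePem: `-----BEGIN CERTIFICATE-----\n(constructed ${certificateId})\n-----END CERTIFICATE-----`,
      keyPair: { PublicKey: 'constructed-public-key', PrivateKey: 'constructed-private-key' } };
  }
  async createThing(i: { thingName: string }) { this.calls.push('createThing'); return { thingArn: `arn:aws:iot:us-east-1:123456789012:thing/${i.thingName}` }; }
  async createPolicy(_i: { policyName: string; policyDocument: string }) { this.calls.push('createPolicy'); }
  async attachPolicy(i: { policyName: string; target: string }) { this.calls.push('attachPolicy'); this.attachments.add(`policy:${i.target}`); }
  async attachThingPrincipal(i: { thingName: string; principal: string }) { this.calls.push('attachThingPrincipal'); this.attachments.add(`thing:${i.principal}`); }
  async detachThingPrincipal(i: { thingName: string; principal: string }) { this.calls.push('detachThingPrincipal'); this.attachments.delete(`thing:${i.principal}`); }
  async detachPolicy(i: { policyName: string; target: string }) { this.calls.push('detachPolicy'); this.attachments.delete(`policy:${i.target}`); }
  async updateCertificate(i: { certificateId: string; newStatus: 'ACTIVE' | 'INACTIVE' }) { this.calls.push('updateCertificate'); this.certStatus.set(i.certificateId, i.newStatus); }
  async deleteCertificate(i: { certificateId: string }) {
    this.calls.push('deleteCertificate');
    const arn = this.arnOf(i.certificateId);
    if (this.certStatus.get(i.certificateId) !== 'INACTIVE' || this.attachments.has(`policy:${arn}`) || this.attachments.has(`thing:${arn}`)) {
      throw new Error('DeleteConflictException: certificate is active or still attached');
    }
    this.certStatus.delete(i.certificateId);
  }
  async deleteThing(_i: { thingName: string }) { this.calls.push('deleteThing'); }
  async deletePolicy(_i: { policyName: string }) { this.calls.push('deletePolicy'); }
}
```

Run `provisionThing(new FakeIot(), 'MyThing', thingScopedPolicy('us-east-1', '123456789012'))` to see the Create sequence; calling `deleteCertificate` on the result before `deprovisionThing` throws, which is the conflict a handler hits if it skips the detach and deactivate steps on stack deletion.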
If you want to create multiple things and save their certificates and private keys to the same bucket, do not use the `saveFileBucket` prop; instead, save them all at once with the `BucketDeployment` construct. This is because each `saveFileBucket` prop shares one custom resource across the things, which causes the deployment to fail.
```ts
import * as s3 from 'aws-cdk-lib/aws-s3';
import * as s3deploy from 'aws-cdk-lib/aws-s3-deployment';
import { ThingWithCert } from 'cdk-iot-core-certificates-v3';

const thingNames = ['Thing1', 'Thing2', 'Thing3'];
const certBucket = new s3.Bucket(this, 'CertBucket');
const sources: s3deploy.ISource[] = [];

thingNames.forEach((thingName, index) => {
  const { certPem, privKey } = new ThingWithCert(this, `Thing${index}`, {
    thingName,
    saveToParamStore: true,
  });
  sources.push(
    s3deploy.Source.data(`${thingName}/${thingName}.cert.pem`, certPem),
    s3deploy.Source.data(`${thingName}/${thingName}.private.key`, privKey),
  );
});

// Deploy the certificates and private keys to the S3 bucket at once
new s3deploy.BucketDeployment(this, 'DeployCerts', {
  sources,
  destinationBucket: certBucket,
});
```