Devices and jobs
Devices can communicate with AWS IoT Jobs using MQTT, HTTP Signature Version 4, or HTTP TLS. To determine the endpoint to use when your device communicates with AWS IoT Jobs, run the DescribeEndpoint command. For example, if you run this command:
aws iot describe-endpoint --endpoint-type iot:Data-ATS
you get a result similar to the following:
{ "endpointAddress": "a1b2c3d4e5f6g7-ats.iot.us-west-2.amazonaws.com" }
Devices can communicate with AWS IoT Jobs using MQTT protocol. Devices subscribe to MQTT topics to be notified of new jobs and to receive responses from the AWS IoT Jobs service. Devices publish on MQTT topics to query or update the state of a job launch. Each device has its own general MQTT topic. For more information about publishing and subscribing to MQTT topics, see Device communication protocols.
With this method of communication, your device uses its device-specific certificate and private key to authenticate with AWS IoT Jobs.
Your devices can subscribe to the following topics. thing-name
is
the name of the thing associated with the device.
-
$aws/things/
thing-name
/jobs/notifySubscribe to this topic to notify you when a job launch is added or removed from the list of pending job launches.
-
$aws/things/
thing-name
/jobs/notify-nextSubscribe to this topic to notify you when the next pending job execution has changed.
-
$aws/things/
thing-name
/jobs/request-name
/acceptedThe AWS IoT Jobs service publishes success and failure messages on an MQTT topic. The topic is formed by appending
accepted
orrejected
to the topic used to make the request. Here,request-name
is the name of a request such asGet
and the topic can be:$aws/things/myThing/jobs/get
. AWS IoT Jobs then publishes success messages on the$aws/things/myThing/jobs/get/accepted
topic. -
$aws/things/
thing-name
/jobs/request-name
/rejectedHere,
request-name
is the name of a request such asGet
. If the request failed, AWS IoT Jobs publishes failure messages on the$aws/things/myThing/jobs/get/rejected
topic.
You can also use the following HTTPS API operations:
-
Update the status of a job execution by calling the
UpdateJobExecution
API. -
Query the status of a job execution by calling the
DescribeJobExecution
API. -
Retrieve a list of pending job executions by calling the
GetPendingJobExecutions
API. -
Retrieve the next pending job execution by calling the
DescribeJobExecution
API withjobId
as$next
. -
Get and start the next pending job execution by calling the
StartNextPendingJobExecution
API.
Devices can communicate with AWS IoT Jobs using HTTP Signature Version 4 on
port 443. This is the method used by the
AWS SDKs and CLI. For more information about those tools, see AWS CLI Command Reference:
iot-jobs-data or AWS SDKs and Tools
With this method of communication, your device uses IAM credentials to authenticate with AWS IoT Jobs.
The following commands are available using this method:
-
DescribeJobExecution
aws iot-jobs-data describe-job-execution ...
-
GetPendingJobExecutions
aws iot-jobs-data get-pending-job-executions ...
-
StartNextPendingJobExecution
aws iot-jobs-data start-next-pending-job-execution ...
-
UpdateJobExecution
aws iot-jobs-data update-job-execution ...
Devices can communicate with AWS IoT Jobs using HTTP TLS on port 8443 using a third-party software client that supports this protocol.
With this method, your device uses X.509 certificate-based authentication (for example, its device-specific certificate and private key).
The following commands are available using this method:
-
DescribeJobExecution
-
GetPendingJobExecutions
-
StartNextPendingJobExecution
-
UpdateJobExecution
Programming devices to work with jobs
The examples in this section use MQTT to illustrate how a device works with the
AWS IoT Jobs service. Or, you could use the corresponding API or CLI
commands. For these examples, we assume a device called MyThing
that subscribes to the following MQTT topics:
-
$aws/things/
(orMyThing
/jobs/notify$aws/things/
)MyThing
/jobs/notify-next -
$aws/things/
MyThing
/jobs/get/accepted -
$aws/things/
MyThing
/jobs/get/rejected -
$aws/things/
MyThing
/jobs/jobId
/get/accepted -
$aws/things/
MyThing
/jobs/jobId
/get/rejected
If you're using code signing for AWS IoT, your device code must verify the signature of
your code file. The signature is in the job document in the codesign
property. For more information about verifying a code file signature, see Device Agent
Sample