终止支持通知:2026 年 10 月 7 日, AWS 将停止对的支持。 AWS IoT Greengrass Version 1 2026 年 10 月 7 日之后,您将无法再访问这些 AWS IoT Greengrass V1 资源。如需了解更多信息,请访问[迁移自 AWS IoT Greengrass Version 1](https://docs.aws.amazon.com/greengrass/v2/developerguide/migrate-from-v1.html)。
本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
# CloudFormation 支持 AWS IoT Greengrass
CloudFormation 是一项可以帮助您创建、管理和复制 AWS 资源的服务。您可以使用 CloudFormation 模板来定义 AWS IoT Greengrass 群组以及要部署的客户端设备、订阅和其他组件。有关示例,请参阅[示例 模板](#cloudformation-support-example)。
您从模板中生成的资源和基础设施称为*堆栈*。您可以在一个模板中定义所有资源,也可以引用其他堆栈中的资源。有关 CloudFormation 模板和功能的更多信息,请参阅[什么是 CloudFormation?](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/Welcome.html) 在《*AWS CloudFormation 用户指南》*中。
## 创建 资源
CloudFormation 模板是描述 AWS 资源属性和关系的 JSON 或 YAML 文档。支持以下 AWS IoT Greengrass 资源:
+ 组
+ 内核
+ 客户端设备(设备)
+ Lambda 函数
+ 连接器
+ 资源(本地、机器学习和密钥)
+ 订阅
+ 日志记录程序(日志记录配置)
在 CloudFormation 模板中,Greengrass 资源的结构和语法基于 API。 AWS IoT Greengrass 例如,[示例模板](#cloudformation-support-example)将一个顶级 `DeviceDefinition` 与包含单个客户端设备的 `DeviceDefinitionVersion` 关联。有关更多信息,请参阅 [AWS IoT Greengrass 群组对象模型概述](deployments.md#api-overview)。
*AWS CloudFormation 用户指南中的[AWS IoT Greengrass 资源类型参考](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/AWS_Greengrass.html)描述了您可以*管理的 Greengrass 资源。 CloudFormation当您使用 CloudFormation 模板创建 Greengrass 资源时,我们建议您仅从中管理它们。 CloudFormation例如,如果您想添加、更改或移除设备(而不是使用 AWS IoT Greengrass API 或 AWS IoT 控制台),则应更新您的模板。这允许您使用回滚及其他 CloudFormation 更改管理功能。有关使用 CloudFormation 创建和管理资源和堆栈的更多信息,请参阅*AWS CloudFormation 用户*指南中的[使用堆栈](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacks.html)。
有关演示如何在 CloudFormation 模板中创建和部署 AWS IoT Greengrass 资源的演练,请参阅 AWS 官方博客上的 “物联网” CloudFormation上的 “[自动 AWS IoT Greengrass 设置](https://aws.amazon.com/blogs/iot/automating-aws-iot-greengrass-setup-with-aws-cloudformation/)”。
## 部署资源
创建包含您的群组版本的 CloudFormation 堆栈后,您可以使用 AWS CLI 或 AWS IoT 控制台对其进行部署。
**注意**
要部署群组,您必须拥有与您的群组关联的 Greengrass 服务角色。 AWS 账户服务角色允许 AWS IoT Greengrass 访问您在 AWS Lambda 和其他 AWS 服务中的资源。如果您已在当前 AWS 区域中部署了 Greengrass 组,则该角色应存在。有关更多信息,请参阅 [Greengrass 服务角色](service-role.md)。
**部署组 (AWS CLI)**
+ 运行 [https://docs.aws.amazon.com/greengrass/v1/apireference/createdeployment-post.html](https://docs.aws.amazon.com/greengrass/v1/apireference/createdeployment-post.html) 命令。
```
aws greengrass create-deployment --group-id GroupId --group-version-id GroupVersionId --deployment-type NewDeployment
```
**注意**
[示例模板](#cloudformation-support-example)中的`CommandToDeployGroup`语句显示了在创建堆栈 IDs 时如何使用您的组和组版本输出命令。
**部署组(控制台)**
1. **在 AWS IoT 控制台导航窗格的**管理**下,展开 **Greengrass** 设备,然后选择群组 (V1)。**
1. 选择您的组。
1. 在组配置页面上,选择**部署**。
## 示例 模板
以下示例模板创建一个包含核心、客户端设备、功能、日志记录程序、订阅和两种资源的 Greengrass 组。为此,模板遵循了 AWS IoT Greengrass API 的对象模型。例如,要添加到组的客户端设备包含在 `DeviceDefinitionVersion` 资源中,而后者与 `DeviceDefinition` 资源关联。要将设备添加到组,组版本将引用 `DeviceDefinitionVersion` 的 ARN。
该模板包含的参数允许您指定核心和 ARNs 设备的证书以及源 Lambda 函数(一种资源)的版本 ARN。 AWS Lambda 它使用`Ref`和`GetAtt`内部函数来引用 IDs ARNs、以及创建 Greengrass 资源所需的其他属性。
该模板还定义了两个 AWS IoT 设备(事物),它们代表添加到 Greengrass 组中的核心设备和客户端设备。
[使用 Greengrass 资源创建堆栈后,您可以使用或 AWS IoT 控制台部署 AWS CLI 群组。](#cloudformation-support-deploy)
**注意**
该示例中的 `CommandToDeployGroup` 语句说明如何输出可用于部署组的完整 **create-deployment** CLI 命令。
------
#### [ JSON ]
```
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "AWS IoT Greengrass example template that creates a group version with a core, device, function, logger, subscription, and resources.",
"Parameters": {
"CoreCertificateArn": {
"Type": "String"
},
"DeviceCertificateArn": {
"Type": "String"
},
"LambdaVersionArn": {
"Type": "String"
}
},
"Resources": {
"TestCore1": {
"Type": "AWS::IoT::Thing",
"Properties": {
"ThingName": "TestCore1"
}
},
"TestCoreDefinition": {
"Type": "AWS::Greengrass::CoreDefinition",
"Properties": {
"Name": "DemoTestCoreDefinition"
}
},
"TestCoreDefinitionVersion": {
"Type": "AWS::Greengrass::CoreDefinitionVersion",
"Properties": {
"CoreDefinitionId": {
"Ref": "TestCoreDefinition"
},
"Cores": [
{
"Id": "TestCore1",
"CertificateArn": {
"Ref": "CoreCertificateArn"
},
"SyncShadow": "false",
"ThingArn": {
"Fn::Join": [
":",
[
"arn:aws:iot",
{
"Ref": "AWS::Region"
},
{
"Ref": "AWS::AccountId"
},
"thing/TestCore1"
]
]
}
}
]
}
},
"TestClientDevice1": {
"Type": "AWS::IoT::Thing",
"Properties": {
"ThingName": "TestClientDevice1"
}
},
"TestDeviceDefinition": {
"Type": "AWS::Greengrass::DeviceDefinition",
"Properties": {
"Name": "DemoTestDeviceDefinition"
}
},
"TestDeviceDefinitionVersion": {
"Type": "AWS::Greengrass::DeviceDefinitionVersion",
"Properties": {
"DeviceDefinitionId": {
"Fn::GetAtt": [
"TestDeviceDefinition",
"Id"
]
},
"Devices": [
{
"Id": "TestClientDevice1",
"CertificateArn": {
"Ref": "DeviceCertificateArn"
},
"SyncShadow": "true",
"ThingArn": {
"Fn::Join": [
":",
[
"arn:aws:iot",
{
"Ref": "AWS::Region"
},
{
"Ref": "AWS::AccountId"
},
"thing/TestClientDevice1"
]
]
}
}
]
}
},
"TestFunctionDefinition": {
"Type": "AWS::Greengrass::FunctionDefinition",
"Properties": {
"Name": "DemoTestFunctionDefinition"
}
},
"TestFunctionDefinitionVersion": {
"Type": "AWS::Greengrass::FunctionDefinitionVersion",
"Properties": {
"FunctionDefinitionId": {
"Fn::GetAtt": [
"TestFunctionDefinition",
"Id"
]
},
"DefaultConfig": {
"Execution": {
"IsolationMode": "GreengrassContainer"
}
},
"Functions": [
{
"Id": "TestLambda1",
"FunctionArn": {
"Ref": "LambdaVersionArn"
},
"FunctionConfiguration": {
"Pinned": "true",
"Executable": "run.exe",
"ExecArgs": "argument1",
"MemorySize": "512",
"Timeout": "2000",
"EncodingType": "binary",
"Environment": {
"Variables": {
"variable1": "value1"
},
"ResourceAccessPolicies": [
{
"ResourceId": "ResourceId1",
"Permission": "ro"
},
{
"ResourceId": "ResourceId2",
"Permission": "rw"
}
],
"AccessSysfs": "false",
"Execution": {
"IsolationMode": "GreengrassContainer",
"RunAs": {
"Uid": "1",
"Gid": "10"
}
}
}
}
}
]
}
},
"TestLoggerDefinition": {
"Type": "AWS::Greengrass::LoggerDefinition",
"Properties": {
"Name": "DemoTestLoggerDefinition"
}
},
"TestLoggerDefinitionVersion": {
"Type": "AWS::Greengrass::LoggerDefinitionVersion",
"Properties": {
"LoggerDefinitionId": {
"Ref": "TestLoggerDefinition"
},
"Loggers": [
{
"Id": "TestLogger1",
"Type": "AWSCloudWatch",
"Component": "GreengrassSystem",
"Level": "INFO"
}
]
}
},
"TestResourceDefinition": {
"Type": "AWS::Greengrass::ResourceDefinition",
"Properties": {
"Name": "DemoTestResourceDefinition"
}
},
"TestResourceDefinitionVersion": {
"Type": "AWS::Greengrass::ResourceDefinitionVersion",
"Properties": {
"ResourceDefinitionId": {
"Ref": "TestResourceDefinition"
},
"Resources": [
{
"Id": "ResourceId1",
"Name": "LocalDeviceResource",
"ResourceDataContainer": {
"LocalDeviceResourceData": {
"SourcePath": "/dev/TestSourcePath1",
"GroupOwnerSetting": {
"AutoAddGroupOwner": "false",
"GroupOwner": "TestOwner"
}
}
}
},
{
"Id": "ResourceId2",
"Name": "LocalVolumeResourceData",
"ResourceDataContainer": {
"LocalVolumeResourceData": {
"SourcePath": "/dev/TestSourcePath2",
"DestinationPath": "/volumes/TestDestinationPath2",
"GroupOwnerSetting": {
"AutoAddGroupOwner": "false",
"GroupOwner": "TestOwner"
}
}
}
}
]
}
},
"TestSubscriptionDefinition": {
"Type": "AWS::Greengrass::SubscriptionDefinition",
"Properties": {
"Name": "DemoTestSubscriptionDefinition"
}
},
"TestSubscriptionDefinitionVersion": {
"Type": "AWS::Greengrass::SubscriptionDefinitionVersion",
"Properties": {
"SubscriptionDefinitionId": {
"Ref": "TestSubscriptionDefinition"
},
"Subscriptions": [
{
"Id": "TestSubscription1",
"Source": {
"Fn::Join": [
":",
[
"arn:aws:iot",
{
"Ref": "AWS::Region"
},
{
"Ref": "AWS::AccountId"
},
"thing/TestClientDevice1"
]
]
},
"Subject": "TestSubjectUpdated",
"Target": {
"Ref": "LambdaVersionArn"
}
}
]
}
},
"TestGroup": {
"Type": "AWS::Greengrass::Group",
"Properties": {
"Name": "DemoTestGroupNewName",
"RoleArn": {
"Fn::Join": [
":",
[
"arn:aws:iam:",
{
"Ref": "AWS::AccountId"
},
"role/TestUser"
]
]
},
"InitialVersion": {
"CoreDefinitionVersionArn": {
"Ref": "TestCoreDefinitionVersion"
},
"DeviceDefinitionVersionArn": {
"Ref": "TestDeviceDefinitionVersion"
},
"FunctionDefinitionVersionArn": {
"Ref": "TestFunctionDefinitionVersion"
},
"SubscriptionDefinitionVersionArn": {
"Ref": "TestSubscriptionDefinitionVersion"
},
"LoggerDefinitionVersionArn": {
"Ref": "TestLoggerDefinitionVersion"
},
"ResourceDefinitionVersionArn": {
"Ref": "TestResourceDefinitionVersion"
}
},
"Tags": {
"KeyName0": "value",
"KeyName1": "value",
"KeyName2": "value"
}
}
}
},
"Outputs": {
"CommandToDeployGroup": {
"Value": {
"Fn::Join": [
" ",
[
"groupVersion=$(cut -d'/' -f6 <<<",
{
"Fn::GetAtt": [
"TestGroup",
"LatestVersionArn"
]
},
");",
"aws --region",
{
"Ref": "AWS::Region"
},
"greengrass create-deployment --group-id",
{
"Ref": "TestGroup"
},
"--deployment-type NewDeployment --group-version-id",
"$groupVersion"
]
]
}
}
}
}
```
------
#### [ YAML ]
```
AWSTemplateFormatVersion: 2010-09-09
Description: >-
AWS IoT Greengrass example template that creates a group version with a core,
device, function, logger, subscription, and resources.
Parameters:
CoreCertificateArn:
Type: String
DeviceCertificateArn:
Type: String
LambdaVersionArn:
Type: String
Resources:
TestCore1:
Type: 'AWS::IoT::Thing'
Properties:
ThingName: TestCore1
TestCoreDefinition:
Type: 'AWS::Greengrass::CoreDefinition'
Properties:
Name: DemoTestCoreDefinition
TestCoreDefinitionVersion:
Type: 'AWS::Greengrass::CoreDefinitionVersion'
Properties:
CoreDefinitionId: !Ref TestCoreDefinition
Cores:
- Id: TestCore1
CertificateArn: !Ref CoreCertificateArn
SyncShadow: 'false'
ThingArn: !Join
- ':'
- - 'arn:aws:iot'
- !Ref 'AWS::Region'
- !Ref 'AWS::AccountId'
- thing/TestCore1
TestClientDevice1:
Type: 'AWS::IoT::Thing'
Properties:
ThingName: TestClientDevice1
TestDeviceDefinition:
Type: 'AWS::Greengrass::DeviceDefinition'
Properties:
Name: DemoTestDeviceDefinition
TestDeviceDefinitionVersion:
Type: 'AWS::Greengrass::DeviceDefinitionVersion'
Properties:
DeviceDefinitionId: !GetAtt
- TestDeviceDefinition
- Id
Devices:
- Id: TestClientDevice1
CertificateArn: !Ref DeviceCertificateArn
SyncShadow: 'true'
ThingArn: !Join
- ':'
- - 'arn:aws:iot'
- !Ref 'AWS::Region'
- !Ref 'AWS::AccountId'
- thing/TestClientDevice1
TestFunctionDefinition:
Type: 'AWS::Greengrass::FunctionDefinition'
Properties:
Name: DemoTestFunctionDefinition
TestFunctionDefinitionVersion:
Type: 'AWS::Greengrass::FunctionDefinitionVersion'
Properties:
FunctionDefinitionId: !GetAtt
- TestFunctionDefinition
- Id
DefaultConfig:
Execution:
IsolationMode: GreengrassContainer
Functions:
- Id: TestLambda1
FunctionArn: !Ref LambdaVersionArn
FunctionConfiguration:
Pinned: 'true'
Executable: run.exe
ExecArgs: argument1
MemorySize: '512'
Timeout: '2000'
EncodingType: binary
Environment:
Variables:
variable1: value1
ResourceAccessPolicies:
- ResourceId: ResourceId1
Permission: ro
- ResourceId: ResourceId2
Permission: rw
AccessSysfs: 'false'
Execution:
IsolationMode: GreengrassContainer
RunAs:
Uid: '1'
Gid: '10'
TestLoggerDefinition:
Type: 'AWS::Greengrass::LoggerDefinition'
Properties:
Name: DemoTestLoggerDefinition
TestLoggerDefinitionVersion:
Type: 'AWS::Greengrass::LoggerDefinitionVersion'
Properties:
LoggerDefinitionId: !Ref TestLoggerDefinition
Loggers:
- Id: TestLogger1
Type: AWSCloudWatch
Component: GreengrassSystem
Level: INFO
TestResourceDefinition:
Type: 'AWS::Greengrass::ResourceDefinition'
Properties:
Name: DemoTestResourceDefinition
TestResourceDefinitionVersion:
Type: 'AWS::Greengrass::ResourceDefinitionVersion'
Properties:
ResourceDefinitionId: !Ref TestResourceDefinition
Resources:
- Id: ResourceId1
Name: LocalDeviceResource
ResourceDataContainer:
LocalDeviceResourceData:
SourcePath: /dev/TestSourcePath1
GroupOwnerSetting:
AutoAddGroupOwner: 'false'
GroupOwner: TestOwner
- Id: ResourceId2
Name: LocalVolumeResourceData
ResourceDataContainer:
LocalVolumeResourceData:
SourcePath: /dev/TestSourcePath2
DestinationPath: /volumes/TestDestinationPath2
GroupOwnerSetting:
AutoAddGroupOwner: 'false'
GroupOwner: TestOwner
TestSubscriptionDefinition:
Type: 'AWS::Greengrass::SubscriptionDefinition'
Properties:
Name: DemoTestSubscriptionDefinition
TestSubscriptionDefinitionVersion:
Type: 'AWS::Greengrass::SubscriptionDefinitionVersion'
Properties:
SubscriptionDefinitionId: !Ref TestSubscriptionDefinition
Subscriptions:
- Id: TestSubscription1
Source: !Join
- ':'
- - 'arn:aws:iot'
- !Ref 'AWS::Region'
- !Ref 'AWS::AccountId'
- thing/TestClientDevice1
Subject: TestSubjectUpdated
Target: !Ref LambdaVersionArn
TestGroup:
Type: 'AWS::Greengrass::Group'
Properties:
Name: DemoTestGroupNewName
RoleArn: !Join
- ':'
- - 'arn:aws:iam:'
- !Ref 'AWS::AccountId'
- role/TestUser
InitialVersion:
CoreDefinitionVersionArn: !Ref TestCoreDefinitionVersion
DeviceDefinitionVersionArn: !Ref TestDeviceDefinitionVersion
FunctionDefinitionVersionArn: !Ref TestFunctionDefinitionVersion
SubscriptionDefinitionVersionArn: !Ref TestSubscriptionDefinitionVersion
LoggerDefinitionVersionArn: !Ref TestLoggerDefinitionVersion
ResourceDefinitionVersionArn: !Ref TestResourceDefinitionVersion
Tags:
KeyName0: value
KeyName1: value
KeyName2: value
Outputs:
CommandToDeployGroup:
Value: !Join
- ' '
- - groupVersion=$(cut -d'/' -f6 <<<
- !GetAtt
- TestGroup
- LatestVersionArn
- );
- aws --region
- !Ref 'AWS::Region'
- greengrass create-deployment --group-id
- !Ref TestGroup
- '--deployment-type NewDeployment --group-version-id'
- $groupVersion
```
------
## 支持 AWS 区域的 s
[目前,您只能在以下AWS 区域时间创建和管理 AWS IoT Greengrass 资源:](https://docs.aws.amazon.com/general/latest/gr/greengrass.html)
+ 美国东部(俄亥俄州)
+ 美国东部(弗吉尼亚州北部)
+ 美国西部(俄勒冈州)
+ 亚太地区(孟买)
+ 亚太地区(首尔)
+ 亚太地区(新加坡)
+ 亚太地区(悉尼)
+ 亚太地区(东京)
+ 中国(北京)
+ 欧洲地区(法兰克福)
+ 欧洲地区(爱尔兰)
+ 欧洲地区(伦敦)
+ AWS GovCloud (美国西部)