下載適 AWS IoT Greengrass 用於 V2 的 IDT - AWS IoT Greengrass

本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。

下載適 AWS IoT Greengrass 用於 V2 的 IDT

本主題說明 AWS IoT Device Tester 為 AWS IoT Greengrass V2 下載的選項。您可以使用下列其中一個軟體下載連結,也可以按照指示以程式設計方式下載 IDT。

下載軟體即表示您同意AWS IoT Device Tester 授權合約

注意

IDT 不支援由多位使用者從共用位置執行,例如 NFS 目錄或 Windows 網路共用資料夾。我們建議您將 IDT 套件解壓縮到本機磁碟機,並在本機工作站上執行 IDT 二進位檔。

手動下載 IDT

本主題列出 AWS IoT Greengrass V2 支援的 IDT 版本。最佳作法是,建議您使用支援目標 AWS IoT Greengrass V2 版本的最新 IDT 版本 AWS IoT Greengrass 。新版本的 AWS IoT Greengrass 可能會要求您下載適用於 AWS IoT Greengrass V2 的新版 IDT。如果 AWS IoT Greengrass V2 的 IDT 與您正在使用的 AWS IoT Greengrass 版本不兼容,則在啟動測試運行時收到通知。

IDT 第 4.9.4 版,適用於 AWS IoT Greengrass
支援的 AWS IoT Greengrass 版本:
IDT 軟件下載:
版本備註:
  • 針對執行 AWS IoT Greengrass 核心軟體 2.12.0、2.11.0、2.10.0 和 2.9.5 版的裝置啟用裝置驗證與鑑定功能。

  • 移除串流管理員和機器學習測試群組。

其他注意事項:
  • 如果您的裝置使用 HSM 且您使用的是核心 2.10.x,請移轉至 Greengrass 核心 2.11.0 版或更新版本。

測試套件版本:
GGV2Q_2.5.4
  • 二零二零四年五月三日發佈

以編程方式下載 IDT

IDT 提供了一個 API 操作,您可以使用它來檢索 URL,您可以在其中以編程方式下載 IDT。您也可以使用此 API 操作來檢查您是否擁有最新版本的 IDT。此 API 操作具有以下端點。

https://download.devicetester.iotdevicesecosystem.amazonaws.com/latestidt

若要呼叫此 API 作業,您必須擁有執行iot-device-tester:LatestIdt動作的權限。包括您的 AWS 簽名並用iot-device-tester作服務名稱。

API 要求

HostOs — 主機的作業系統。您可以從以下選項中選擇:
  • mac

  • linux

  • windows

TestSuiteType — 測試套件的類型。選擇下列選項:

GGV2— 對 AWS IoT Greengrass 於 V2 的 IDT

ProductVersion

(可選)Greengrass 核的版本。此服務會傳回該版本 Greengrass 核心的最新相容版本的 IDT。如果未指定此選項,服務會傳回最新版本的 IDT。

API 回應

API 回應具有下列格式。包DownloadURL括一個 zip 文件。

{ "Success": True or False, "Message": Message, "LatestBk": { "Version": The version of the IDT binary, "TestSuiteVersion": The version of the test suite, "DownloadURL": The URL to download the IDT Bundle, valid for one hour } }

範例

您可以參考下列範例,以程式設計方式下載 IDT。這些範例使用您儲存在AWS_ACCESS_KEY_IDAWS_SECRET_ACCESS_KEY環境變數中的認證。若要遵循最佳安全性做法,請勿將憑證儲存在程式碼中。

範例 示例:使用 cURL 7.75.0 或更高版本(Mac 和 Linux)下載

如果您有 cURL 版本 7.75.0 或更高版本,則可以使用該aws-sigv4標誌來簽署 API 請求。這個例子使用 jq 來解析響應中的下載 URL。

警告

aws-sigv4標誌要求 curl GET 請求的查詢參數按HostOs/ProductVersion/TestSuiteType或的順序排列HostOs/TestSuiteType。不符合的訂單將導致從 API Gateway 取得標準字串不符合的簽章時發生錯誤。

如果包含選ProductVersion用參數,您必須使用支援的產品版本,如 AWS IoT Greengrass V2 的 AWS IoT Device Tester 支援版本中所述。

  • 替換 us-west-2 與您的. AWS 區域如需區域代碼清單,請參閱區域端點

  • 以主機的作業系統取代 linux

  • 用您的 AWS IoT Greengrass 核子核版本替換 2.5.3

url=$(curl --request GET "https://download.devicetester.iotdevicesecosystem.amazonaws.com/latestidt?HostOs=linux&ProductVersion=2.5.3&TestSuiteType=GGV2" \ --user $AWS_ACCESS_KEY_ID:$AWS_SECRET_ACCESS_KEY \ --aws-sigv4 "aws:amz:us-west-2:iot-device-tester" \ | jq -r '.LatestBk["DownloadURL"]') curl $url --output devicetester.zip
範例:使用較早版本的 cURL (Mac 和 Linux) 下載

您可以使用下面的 cURL 命令與您 AWS 簽名和計算的簽名。如需如何簽署和計算簽 AWS 名的詳細資訊,請參閱簽署 AWS API 要求

  • 以主機的作業系統取代 linux

  • 將時間替換為日期和時間,例如20220210T004606Z

  • 日期替換為日期,例如20220210

  • 替換AWSRegion為您的 AWS 區域. 如需區域代碼清單,請參閱區域端點

  • 以您產生的AWS 簽名AWSSignature代。

curl --location --request GET 'https://download.devicetester.iotdevicesecosystem.amazonaws.com/latestidt?HostOs=linux&TestSuiteType=GGV2' \ --header 'X-Amz-Date: Timestamp \ --header 'Authorization: AWS4-HMAC-SHA256 Credential=$AWS_ACCESS_KEY_ID/Date/AWSRegion/iot-device-tester/aws4_request, SignedHeaders=host;x-amz-date, Signature=AWSSignature'
範例:使用 Python 指令碼下載

這個例子使用了 Python 請求庫。這個例子是從 Python 示例改編為在AWS 一般參考中簽署 AWS API 請求

  • us-west-2 取代為您的區域。如需區域代碼清單,請參閱區域端點

  • 以主機的作業系統取代 linux

# Copyright 2010-2022 Amazon.com, Inc. or its affiliates. All Rights Reserved. # # This file is licensed under the Apache License, Version 2.0 (the "License"). # You may not use this file except in compliance with the License. A copy of the #License is located at # # http://aws.amazon.com/apache2.0/ # # This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS # OF ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. # See: http://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html # This version makes a GET request and passes the signature # in the Authorization header. import sys, os, base64, datetime, hashlib, hmac import requests # pip install requests # ************* REQUEST VALUES ************* method = 'GET' service = 'iot-device-tester' host = 'download.devicetester.iotdevicesecosystem.amazonaws.com' region = 'us-west-2' endpoint = 'https://download.devicetester.iotdevicesecosystem.amazonaws.com/latestidt' request_parameters = 'HostOs=linux&TestSuiteType=GGV2' # Key derivation functions. See: # http://docs.aws.amazon.com/general/latest/gr/signature-v4-examples.html#signature-v4-examples-python def sign(key, msg): return hmac.new(key, msg.encode('utf-8'), hashlib.sha256).digest() def getSignatureKey(key, dateStamp, regionName, serviceName): kDate = sign(('AWS4' + key).encode('utf-8'), dateStamp) kRegion = sign(kDate, regionName) kService = sign(kRegion, serviceName) kSigning = sign(kService, 'aws4_request') return kSigning # Read AWS access key from env. variables or configuration file. Best practice is NOT # to embed credentials in code. access_key = os.environ.get('AWS_ACCESS_KEY_ID') secret_key = os.environ.get('AWS_SECRET_ACCESS_KEY') if access_key is None or secret_key is None: print('No access key is available.') sys.exit() # Create a date for headers and the credential string t = datetime.datetime.utcnow() amzdate = t.strftime('%Y%m%dT%H%M%SZ') datestamp = t.strftime('%Y%m%d') # Date w/o time, used in credential scope # ************* TASK 1: CREATE A CANONICAL REQUEST ************* # http://docs.aws.amazon.com/general/latest/gr/sigv4-create-canonical-request.html # Step 1 is to define the verb (GET, POST, etc.)--already done. # Step 2: Create canonical URI--the part of the URI from domain to query # string (use '/' if no path) canonical_uri = '/latestidt' # Step 3: Create the canonical query string. In this example (a GET request), # request parameters are in the query string. Query string values must # be URL-encoded (space=%20). The parameters must be sorted by name. # For this example, the query string is pre-formatted in the request_parameters variable. canonical_querystring = request_parameters # Step 4: Create the canonical headers and signed headers. Header names # must be trimmed and lowercase, and sorted in code point order from # low to high. Note that there is a trailing \n. canonical_headers = 'host:' + host + '\n' + 'x-amz-date:' + amzdate + '\n' # Step 5: Create the list of signed headers. This lists the headers # in the canonical_headers list, delimited with ";" and in alpha order. # Note: The request can include any headers; canonical_headers and # signed_headers lists those that you want to be included in the # hash of the request. "Host" and "x-amz-date" are always required. signed_headers = 'host;x-amz-date' # Step 6: Create payload hash (hash of the request body content). For GET # requests, the payload is an empty string (""). payload_hash = hashlib.sha256(('').encode('utf-8')).hexdigest() # Step 7: Combine elements to create canonical request canonical_request = method + '\n' + canonical_uri + '\n' + canonical_querystring + '\n' + canonical_headers + '\n' + signed_headers + '\n' + payload_hash # ************* TASK 2: CREATE THE STRING TO SIGN************* # Match the algorithm to the hashing algorithm you use, either SHA-1 or # SHA-256 (recommended) algorithm = 'AWS4-HMAC-SHA256' credential_scope = datestamp + '/' + region + '/' + service + '/' + 'aws4_request' string_to_sign = algorithm + '\n' + amzdate + '\n' + credential_scope + '\n' + hashlib.sha256(canonical_request.encode('utf-8')).hexdigest() # ************* TASK 3: CALCULATE THE SIGNATURE ************* # Create the signing key using the function defined above. signing_key = getSignatureKey(secret_key, datestamp, region, service) # Sign the string_to_sign using the signing_key signature = hmac.new(signing_key, (string_to_sign).encode('utf-8'), hashlib.sha256).hexdigest() # ************* TASK 4: ADD SIGNING INFORMATION TO THE REQUEST ************* # The signing information can be either in a query string value or in # a header named Authorization. This code shows how to use a header. # Create authorization header and add to request headers authorization_header = algorithm + ' ' + 'Credential=' + access_key + '/' + credential_scope + ', ' + 'SignedHeaders=' + signed_headers + ', ' + 'Signature=' + signature # The request can include any headers, but MUST include "host", "x-amz-date", # and (for this scenario) "Authorization". "host" and "x-amz-date" must # be included in the canonical_headers and signed_headers, as noted # earlier. Order here is not significant. # Python note: The 'host' header is added automatically by the Python 'requests' library. headers = {'x-amz-date':amzdate, 'Authorization':authorization_header} # ************* SEND THE REQUEST ************* request_url = endpoint + '?' + canonical_querystring print('\nBEGIN REQUEST++++++++++++++++++++++++++++++++++++') print('Request URL = ' + request_url) response = requests.get(request_url, headers=headers) print('\nRESPONSE++++++++++++++++++++++++++++++++++++') print('Response code: %d\n' % response.status_code) print(response.text) download_url = response.json()["LatestBk"]["DownloadURL"] r = requests.get(download_url) open('devicetester.zip', 'wb').write(r.content)