Getting started with Yandex IoT Core device registries
To start using the Yandex IoT Core service, create the following:
Then, set up message exchange between the device and the registry.
Getting started
Sign up for Yandex Cloud and create a billing account:
- Go to the management console
and log in to Yandex Cloud or create an account if you do not have one yet. - On the Yandex Cloud Billing
page, make sure you have a billing account linked and it has theACTIVE
orTRIAL_ACTIVE
status. If you do not have a billing account, create one.
If you have an active billing account, you can go to the cloud page
Learn more about clouds and folders.
Create a certificate
X.509 certificates enable interaction between MQTT clients: the registry and device. Each of them needs its certificate.
-
If you have certificates, add them to the MQTT clients. You can do this when creating clients.
-
If you do not have certificates, create them using the OpenSSL
program (the command below creates only one certificate):openssl req -x509 \ -newkey rsa:4096 \ -keyout private-key.pem \ -out cert.pem \ -nodes \ -days 365 \ -subj '/CN=localhost'
Where:
-x509
: Certificate type, X.509.-newkey
: Encryption algorithm.-keyout
: File with the private key of the certificate.-out
: File with the public key of the certificate.-nodes
: This flag is set when no public key encryption is required.-days
: Certificate validity period in days.-subj
: Request object.
For each of the MQTT clients, specify different names for files with private and public keys.
Create a registry
-
In the management console
, select the folder to create your registry in. -
Select IoT Core.
-
In the left-hand panel, select Registries.
-
Click Create registry.
-
Under General information, add
my-registry
as the registry name. -
Add a certificate:
-
To add a file:
- Choose the
File
method. - Click Attach file.
- Select the file with the public key of the certificate and click Open.
- Click Add.
- Choose the
-
To add text:
- Choose the
Text
method. - Paste the public key of the certificate to the Content field.
- Click Add.
- Choose the
-
-
Click Create.
If you do not have the Yandex Cloud command line interface yet, install and initialize it.
The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name
or --folder-id
parameter.
-
Create a registry:
yc iot registry create --name my-registry
Result:
id: b91hafek85********** folder_id: aoek49ghmk********* created_at: "2019-05-27T13:40:06.923Z" name: my-registry status: ACTIVE log_group_id: ckghotead**********
-
Add a certificate to the registry:
yc iot registry certificate add \ --registry-name my-registry \ --certificate-file registry-cert.pem
Where:
--registry-name
: Registry name.--certificate-file
: Path to the public key of the certificate.
Result:
registry_id: b91hafek85********** fingerprint: 589ce16050**** certificate_data: | -----BEGIN CERTIFICATE----- MIIE/jCCAuagAwIBAgIJAPRA... -----END CERTIFICATE----- created_at: "2019-05-27T13:41:45.295Z"
Create a device
-
In the management console
, select a folder to create a device in. -
Select IoT Core.
-
Select
my-registry
from the list. -
On the left side of the window, select the Devices section.
-
Click Add device.
-
Under General information, add
my-device
as the device name. -
Add a certificate:
-
To add a file:
- Choose the
File
method. - Click Attach file.
- Select the file with the public key of the certificate and click Open.
- Click Add.
- Choose the
-
To add text:
- Choose the
Text
method. - Paste the public key of the certificate to the Content field.
- Click Add.
- Choose the
-
-
Click Create.
-
Create a device:
yc iot device create \ --registry-name my-registry \ --name my-device
Where:
--registry-name
: Name of the registry that the device is part of.--name
: Device name.
Result:
id: b912an77oq********** registry_id: b91hafek85********** created_at: "2019-05-27T13:44:35.164Z" name: my-device
-
Add a certificate to the device:
yc iot device certificate add \ --device-name my-device \ --certificate-file ./certs/device-cert.pem
Where:
--device-name
: Device name.--certificate-file
: Path to the public key of the certificate.
Result:
device_id: b912an77oq********** fingerprint: 65e5b05006*** certificate_data: | -----BEGIN CERTIFICATE----- MIIE/jCCAuagAwIBAgIJANZbq... -----END CERTIFICATE----- created_at: "2019-05-27T13:45:23.306Z"
Set up message exchange between the device and the registry
What's next
- Read about service concepts.
- Find out how to work with registries and devices.