Good to know: How is this file created?

This file will normally be automatically generated during production or the first boot of the system.

We offer some intelligent scripts that can detect a missing configuration and create it using individual information that is based on the x.509 certificate from the SE, TPM or software stored Certificate.

Location

(info) The configuration file has to be placed at config/config.json relative to the working directory of the awsclient

Common locations where the file is located are:

  • PHYTEC: /mnt/conf/aws/config/config.json
  • PHYTEC: /conf/aws/config/config.json
  • BHtronik: /conf/os/aws/config/config.json

Example awsclient configuration file


(info) This is a configuration file with comments (the comments should not be included in the actual file)


The configuration file has to be placed at config/config.json relative to the working directory of the awsclient.

{
"endpoint": "ENDPOINT", # AWS endpoint
"mqtt_port": 8883,
"https_port": 443,
"greengrass_discovery_port": 8443,
"root_ca_relative_path": "certs/rootCA.crt", # path to the AWS root CA (absolute or relative to the clients WorkingDirectory)
"device_certificate_relative_path": "certs/cert.pem", # path to the device certificate (absolute or relative to the clients WorkingDirectory)
"device_private_key_relative_path": "certs/privkey.pem", # path to the device private keyfile or refpem (absolute or relative to the clients WorkingDirectory)
"tls_handshake_timeout_msecs": 60000,
"tls_read_timeout_msecs": 2000,
"tls_write_timeout_msecs": 2000,
"aws_region": "eu-central-1",
"aws_access_key_id": "",
"aws_secret_access_key": "",
"aws_session_token": "",
"client_id": "CLIENT_ID", # client ID, usually serial number of the certificate
"thing_name": "THING_NAME", # client ID, usually same as client_id
"is_clean_session": true,
"mqtt_command_timeout_msecs": 20000,
"keepalive_interval_secs": 600,
"minimum_reconnect_interval_secs": 1,
"maximum_reconnect_interval_secs": 128,
"maximum_acks_to_wait_for": 32,
"action_processing_rate_hz": 5,
"maximum_outgoing_action_queue_length": 32,
"discover_action_timeout_msecs": 300000,
"shadow_update_interval_secs": 0,
 
"rauc_hawkbit_client_config_dir": "/config/os/hawkbit/", # directory with rauc-hawkbit-updater config file
"rauc_hawkbit_client_config_file": "config.cfg", # filename of rauc-hawkbit-updater config file
 
"remote_manager_config_dir": "/config/os/esec/", # directory with remotemanager config file
"remote_manager_config_file": "RemoteManager.conf", # filename of remotemanager config file
 
"ssh_pub_key_dir": "/config/os/root/.ssh/", # directory with ssh public key
"ssh_pub_key_file": "id_ecdsa.pub", # filename of ssh public key
 
"isoconnect_app_config_dir": "/data/app_isoconnect/config/", # directory with isoconnect config file
"isoconnect_app_config_file": "customer_config.txt", # filename of isoconnect config file
"isoconnect_app_config_signature_file": "customer_config.txt.sig", # filename of isoconnect config signature file
 
"maintenance_task_temp_download_dir": "/tmp/", # temporary download directory for maintenance task files
"maintenance_task_download_whitelist_path": "/config/os/aws/config/download_whitelist.txt", # path to whitelist for maintenance task files
"maintenance_task_command_whitelist_path": "/config/os/aws/config/command_whitelist.txt", # path to whitelist for maintenance task commands
 
"desired_hawkbit_server_url": "",
 
"shadow_commands": [ # optional array of keys and values from commands to add to the shadow state
[ "fs_dev", "df | grep /dev$ | tr -s \" \" | tr -d \"\\n\"" ],
[ "echo", "echo -n 42" ]
]
}