1 Answer
1
Hi Nicolas,
the IoT Device SDK does not get any information about the administrative tasks, for example disabling a device certificate. So it cannot disconnect the device.
To disconnect your device you can attach an IoT policy which denies connecting to AWS IoT Core. Policy documents are cached so it can take some minutes for the new policy to become effective.
If you need to immediately disconnect your device, you can attach a restrictive policy first and then connect with another connection with the same client ID which your device uses. AWS IoT Core will then disconnect your device. If it tries to reconnect, the new policy which denies a connection will become effective.
Cheers,
Philipp
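The sequence described in the answer above (attach the deny policy first, then take over the client ID), as an added example that is not part of the original answer or of any AWS SDK. The `ops.attachPolicy` and `ops.connectAs` wrappers are hypothetical names for calls the application would supply, and the policy named by `policyName` is assumed to have been created beforehand from the `denyConnectPolicy` document.

```javascript
// Added example. AWS calls are injected through `ops` (hypothetical wrapper
// names) so the ordering and failure handling can be exercised offline.

// IoT policy document that explicitly denies iot:Connect for one client ID.
// An explicit Deny overrides any Allow in the device's other policies.
function denyConnectPolicy(region, accountId, clientId) {
  return {
    Version: "2012-10-17",
    Statement: [{
      Effect: "Deny",
      Action: "iot:Connect",
      Resource: `arn:aws:iot:${region}:${accountId}:client/${clientId}`,
    }],
  };
}

// ops.attachPolicy(policyName, certificateArn): wraps the AWS IoT AttachPolicy API.
// ops.connectAs(clientId): opens an MQTT connection with that client ID using the
//   application's own credentials; resolves to an object with disconnect().
async function quarantineDevice({ clientId, certificateArn, policyName }, ops) {
  const steps = [];
  // 1. Attach the deny policy first. If this throws, stop here: kicking the
  //    device without the policy in place only makes it reconnect.
  await ops.attachPolicy(policyName, certificateArn);
  steps.push("policy-attached");

  // 2. Connect with the device's client ID; the broker drops the device's session.
  let session;
  try {
    session = await ops.connectAs(clientId);
    steps.push("session-taken-over");
  } catch (err) {
    // The policy is attached, but the device is only cut off once the
    // cached policy is refreshed.
    steps.push("takeover-failed");
    return { steps, immediate: false, error: err.message };
  }

  // 3. The takeover connection has no other purpose; close it straight away.
  await session.disconnect();
  steps.push("takeover-closed");
  return { steps, immediate: true };
}
```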
Nicholas, you can use the AWS IoT Device SDK to make that connection (from your application) with the same client ID as the device you're forcing to disconnect: https://github.com/aws/aws-iot-device-sdk-js-v2
Hi Philipp and Greg!
I will try attaching the restrictive policy and see how long it takes for the device to get disconnected. This functionality would be used for when a device is spamming messages, for example, due to some malfunctioning. Then we would go to the Web App and block the connection for the device (preferably immediately).
Given that my preference is to disconnect it as soon as possible after I block it, and your suggestion about connecting with the same client, I have this question:
My Web App isn't a device, it performs operations using the following JavaScript SDKs:
What you suggest, if I understand correctly, would make my Web App a device, right? I would need to have certificates and keys to enable it to connect to the broker and then in that connection use the ID of the device I'm trying to block as the clientId? This will allow the Web App to connect, thus disconnecting the device I'm trying to block? Then I would need to immediately disconnect the Web App, since the only purpose of its connection is to disconnect my target device? It feels kinda weird, doesn't it? Plus it introduces the concept of the Web App as a Device Client, which it is not.
Hope to hear back from you!