AWS IoT OTA Update

Hello Daniel, 

I will look into your case. Could you please provide what version of the nRF Connect SDK you are running? Can you provide more details on the JSON file? If needed we can convert this ticket to private if there are details you do not want to share. 

Kind regards,
Øyvind

Hi, we work on SDK Version 2.0.0 and I attach you our sample OTA json. I think at the moment no need to convert to private here.

{
  "operation": "app_fw_update",
  "fwversion": "1.2.3",
  "size": 222222,
  "location": {
    "protocol": "http:",
    "host": "<bucket>.s3.eu-central-1.amazonaws.com",
    "path": "<updatefile>.bin"
  }
}

The one solution that is often mentioned by our AWS developers is to use e.g. AWS Signature Version 4. 

Note that you need to increase some sizes in order for it to work, due to the length of the file path.

CONFIG_AWS_FOTA_PAYLOAD_SIZE=2048
CONFIG_AWS_FOTA_FILE_PATH_MAX_LEN=2048
CONFIG_DOWNLOAD_CLIENT_MAX_FILENAME_SIZE=2048
CONFIG_DOWNLOAD_CLIENT_MAX_HOSTNAME_SIZE=256

Let me know how that works for you!

Kind regards,
Øyvind

is this feature working with the aws iot ota updates? Or do I need to implement this by myself? If it is implemented, do you habe a example on the nrf9160 side how to implement this?

thanks and best regards

daniel

Sorry, I might have been too quick with my answer on this. Will need to investigate some more in regards to using presigned URLs with AWS IoT.

I need to verify if the following statement is still relevant

The problem is that the download client depends on the download URL being split in host and path on the cloud side, however AWS IoT jobs and pre-signed URLs do not support this, they generate a full URL. In addition, pre-signed URLs only work with HTTPs (TLS), this is typically something we want to avoid because of the overhead.

Sorry, I might have been too quick with my answer on this. Will need to investigate some more in regards to using presigned URLs with AWS IoT.

I need to verify if the following statement is still relevant

The problem is that the download client depends on the download URL being split in host and path on the cloud side, however AWS IoT jobs and pre-signed URLs do not support this, they generate a full URL. In addition, pre-signed URLs only work with HTTPs (TLS), this is typically something we want to avoid because of the overhead.

OK, sorry for the back and forth. The pre-signed URLs are what you are looking for, however, this is not supported yet in the download manager due to the long path. I do not have a timeline yet, but it does look like it will be implemented in the next version of nRF Connect SDK. 

Kind regards, 
Øyvind

So to be clear: The only way for OTA Updates is having a exposed URL with the *.bin file with public access? Just I need to know I dont need to search for other solutions....

best regards

daniel

Do you have any update here?

any updates here?

Hello Daniel, 

I'm really sorry for the late reply.