AWS greengrass documentation change
Summary
Updated Python sample code to use argparse instead of custom command line utility, adjusted file paths, and simplified instructions.
Security assessment
The changes refactor argument parsing logic but maintain equivalent security parameters (cert, key, CA). No explicit security vulnerability fix or weakness addressed.
Diff
diff --git a/greengrass/v2/developerguide/client-devices-tutorial.md b/greengrass/v2/developerguide/client-devices-tutorial.md index 8b4eabe0e..c89eacdcc 100644 --- a//greengrass/v2/developerguide/client-devices-tutorial.md +++ b//greengrass/v2/developerguide/client-devices-tutorial.md @@ -318 +318 @@ On the client device, do the following: - cd aws-iot-device-sdk-python-v2/samples + cd aws-iot-device-sdk-python-v2/samples/greengrass @@ -1094,5 +1094 @@ You can keep the log feed open to see when the component prints messages. - 1. Change to the samples folder in the AWS IoT Device SDK v2 for Python. This sample application uses a command line parsing module in the samples folder. - - cd aws-iot-device-sdk-python-v2/samples - - 2. Use a text editor to create a Python script named `basic_discovery_shadow.py` with the following contents. This application uses Greengrass discovery and shadows to keep a property in sync between the client device and the core device. + 1. Use a text editor to create a Python script named `basic_discovery_shadow.py` with the following contents. This application uses Greengrass discovery and shadows to keep a property in sync between the client device and the core device. @@ -1120,14 +1116,29 @@ Copy the following Python code into the file. - # Parse arguments - import utils.command_line_utils; - cmdUtils = utils.command_line_utils.CommandLineUtils("Basic Discovery - Greengrass discovery example with device shadows.") - cmdUtils.add_common_mqtt_commands() - cmdUtils.add_common_topic_message_commands() - cmdUtils.add_common_logging_commands() - cmdUtils.register_command("key", "<path>", "Path to your key in PEM format.", True, str) - cmdUtils.register_command("cert", "<path>", "Path to your client certificate in PEM format.", True, str) - cmdUtils.remove_command("endpoint") - cmdUtils.register_command("thing_name", "<str>", "The name assigned to your IoT Thing", required=True) - cmdUtils.register_command("region", "<str>", "The region to connect through.", required=True) - cmdUtils.register_command("shadow_property", "<str>", "The name of the shadow property you want to change (optional, default='color'", default="color") - # Needs to be called so the command utils parse the commands - cmdUtils.get_args() + # --------------------------------- ARGUMENT PARSING ----------------------------------------- + import argparse + + def parse_sample_input(): + parser = argparse.ArgumentParser( + description="AWS IoT Greengrass Discovery Shadow", + formatter_class=argparse.ArgumentDefaultsHelpFormatter, + ) + + # Connection / TLS + parser.add_argument("--cert", required=True, dest="input_cert", + help="Path to the certificate file to use during mTLS connection establishment") + parser.add_argument("--key", required=True, dest="input_key", + help="Path to the private key file to use during mTLS connection establishment") + parser.add_argument("--ca_file", dest="input_ca", help="Path to optional CA bundle (PEM)") + + # Shadow + parser.add_argument("--thing_name", required=True, dest="input_thing_name", help="The name assigned to your IoT Thing.") + parser.add_argument("--shadow_property", dest="input_shadow_property", default="color", + help="The name of the shadow property you want to change (optional, default='color'") + parser.add_argument("--region", dest="input_region", help="The region to connect through.", required=True) + parser.add_argument("--print_discover_resp_only", dest="input_print_discover_resp_only", default=False) + + return parser.parse_args() + + args = parse_sample_input() + + # --------------------------------- ARGUMENT PARSING END ----------------------------------------- + @@ -1138,2 +1149,2 @@ Copy the following Python code into the file. - shadow_thing_name = cmdUtils.get_command_required("thing_name") - shadow_property = cmdUtils.get_command("shadow_property") + shadow_thing_name = args.input_thing_name + shadow_property = args.input_shadow_property @@ -1170,2 +1181,2 @@ Copy the following Python code into the file. - cert_filepath=cmdUtils.get_command_required("cert"), - pri_key_filepath=cmdUtils.get_command_required("key"), + cert_filepath=args.input_cert, + pri_key_filepath=args.input_key, @@ -1175 +1186 @@ Copy the following Python code into the file. - client_id=cmdUtils.get_command_required("thing_name"), + client_id=args.input_thing_name, @@ -1393,3 +1404,3 @@ Copy the following Python code into the file. - tls_options = io.TlsContextOptions.create_client_with_mtls_from_path(cmdUtils.get_command_required("cert"), cmdUtils.get_command_required("key")) - if cmdUtils.get_command(cmdUtils.m_cmd_ca_file): - tls_options.override_default_trust_store_from_path(None, cmdUtils.get_command(cmdUtils.m_cmd_ca_file)) + tls_options = io.TlsContextOptions.create_client_with_mtls_from_path(args.input_cert,args.input_key) + if args.input_ca: + tls_options.override_default_trust_store_from_path(None, args.input_ca) @@ -1401,2 +1412,2 @@ Copy the following Python code into the file. - discovery_client = DiscoveryClient(io.ClientBootstrap.get_or_create_static_default(), socket_options, tls_context, cmdUtils.get_command_required("region")) - resp_future = discovery_client.discover(cmdUtils.get_command_required("thing_name")) + discovery_client = DiscoveryClient(io.ClientBootstrap.get_or_create_static_default(), socket_options, tls_context, args.input_region) + resp_future = discovery_client.discover(args.input_thing_name) @@ -1406 +1417 @@ Copy the following Python code into the file. - if cmdUtils.get_command("print_discover_resp_only"): + if args.print_discover_resp_only: @@ -1492 +1503 @@ This application combines the Greengrass discovery and shadow samples from the A - 3. Run the sample application. This application expects arguments that specify the client device thing name, the shadow property to use, and the certificates that authenticate and secure the connection. + 2. Run the sample application. This application expects arguments that specify the client device thing name, the shadow property to use, and the certificates that authenticate and secure the connection.