Using AWS IOT To Arm Blink Cameras

Posted on Sat 16 December 2017 in iot • Tagged with iot, lambda, security, tutorial, aws

Blink security cameras are an affordable home security camera system. Although they lack a formal public API, inventive devs have reverse-engineered their private API to allow for better integration.

Here we'll use AWS IOT Core, Lambda and node-blink-security to arm and disarm Blink security cameras using an AWS IOT Button.

Activating Your IOT Button

The IOT Button must be configured to your account, which includes joining it to your wifi access point, and installing the client certificates.

The easiest way to perform activation is by using the AWS IOT Button App for Android or IOS. Complete instructions are found on …

Continue reading

Free SSL Certificates using ACM (AWS Certificate Manager)

Posted on Tue 16 February 2016 in aws • Tagged with aws, ssl, security

2016 may be the year of free SSL, and AWS ACM (AWS Certificate Manager) is a great offering for Cloudfront & ELB users (most web apps).

Not only is it free, but it's also the simplest certificate management platform

  • request a new certificate in minutes
  • no server config needed
  • no certificate , chain or private key management
  • automatic certificate rotation

Here's how to create a certificate and then install it onto your cloudfront distribution.

Requesting a New Certificate

aws acm request-certificate --domain-name \*.mydomain.com --subject-alternative-names  mydomain.com
{
    "CertificateArn": "arn:aws:acm:us-east-1:OOOOOOOOOOOO:certificate/c3d15000-230c-4000-8000-a600000"
}

Activating the Certificate on Cloudfront

This part …

Continue reading

Securing Your Network Using Auto-Updating Security Groups

Posted on Thu 17 December 2015 in aws • Tagged with aws, security, security-groups

We all know that no ports should be open to the internet for development purposes, but for convenience it's common to find a security group with port 22 (SSH) open to 0.0.0.0/0 . Even narrower ingress rules can create backdoors.

Here we'll show you how to create an auto-updating security group that adds your active WAN IP address when you connect. This way, only your active IP is authorized.

Create the "development" security group with no ingress

aws ec2 create-security-group --group-name=development --group-description="ssh access for my dev machine"

Create a limited role …

Continue reading