[ aws . iotsitewise ]



Updates a gateway capability configuration or defines a new capability configuration. Each gateway capability defines data sources for a gateway. A capability configuration can contain multiple data source configurations. If you define OPC-UA sources for a gateway in the AWS IoT SiteWise console, all of your OPC-UA sources are stored in one capability configuration. To list all capability configurations for a gateway, use DescribeGateway .

See also: AWS API Documentation

See ‘aws help’ for descriptions of global parameters.


--gateway-id <value>
--capability-namespace <value>
--capability-configuration <value>
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
[--cli-auto-prompt <value>]


--gateway-id (string)

The ID of the gateway to be updated.

--capability-namespace (string)

The namespace of the gateway capability configuration to be updated. For example, if you configure OPC-UA sources from the AWS IoT SiteWise console, your OPC-UA capability configuration has the namespace iotsitewise:opcuacollector:version , where version is a number such as 1 .

--capability-configuration (string)

The JSON document that defines the configuration for the gateway capability. For more information, see Configuring data sources (CLI) in the AWS IoT SiteWise User Guide .

--cli-input-json | --cli-input-yaml (string) Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. Similarly, if provided yaml-input it will print a sample input YAML that can be used with --cli-input-yaml. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

--cli-auto-prompt (boolean) Automatically prompt for CLI input parameters.

See ‘aws help’ for descriptions of global parameters.


To update a gateway capability

The following update-gateway-capability-configuration example configures an OPC-UA source with the following properties:

  • Trusts any certificate.

  • Uses the Basic256 algorithm to secure messages.

  • Uses the SignAndEncrypt mode to secure connections.

  • Uses authentication credentials stored in an AWS Secrets Manager secret.

aws iotsitewise update-gateway-capability-configuration \
    --gateway-id a1b2c3d4-5678-90ab-cdef-1a1a1EXAMPLE \
    --capability-namespace "iotsitewise:opcuacollector:1" \
    --capability-configuration file://opc-ua-capability-configuration.json

Contents of opc-ua-capability-configuration.json:

    "sources": [
            "name": "Wind Farm #1",
            "endpoint": {
                "certificateTrust": {
                    "type": "TrustAny"
                "endpointUri": "opc.tcp://",
                "securityPolicy": "BASIC256",
                "messageSecurityMode": "SIGN_AND_ENCRYPT",
                "identityProvider": {
                    "type": "Username",
                    "usernameSecretArn": "arn:aws:secretsmanager:us-west-2:123456789012:secret:greengrass-windfarm1-auth-1ABCDE"
                "nodeFilterRules": []
            "measurementDataStreamPrefix": ""


    "capabilityNamespace": "iotsitewise:opcuacollector:1",
    "capabilitySyncStatus": "OUT_OF_SYNC"

For more information, see Configuring data sources in the AWS IoT SiteWise User Guide.


capabilityNamespace -> (string)

The namespace of the gateway capability.

capabilitySyncStatus -> (string)

The synchronization status of the capability configuration. The sync status can be one of the following:

  • IN_SYNC – The gateway is running the capability configuration.

  • OUT_OF_SYNC – The gateway hasn’t received the capability configuration.

  • SYNC_FAILED – The gateway rejected the capability configuration.

After you update a capability configuration, its sync status is OUT_OF_SYNC until the gateway receives and applies or rejects the updated configuration.