A COSU device is also known as a single purpose device. You will only be able to work with an assigned application or applications on this device and all other device functions will be locked. As you are unable to manually manage the system updated on these devices let's take a look at how you can set a policy to manage the system updates on a COSU device.
Follow the steps given below:
- Navigate to the device management console:
https://<IoT_HOST>:9443/devicemgt - Click Add under Policies.
- Click on the Android mobile platform.
- Select the System Update Policy (COSU) and enable it.
The selected policy is disabled by default, therefore, click on the on-off switch to enable it. Define how you want to update the system when system updates are sent to the device, and click CONTINUE.
Select one of the following options.Automatic Install the system update automatically as soon as one is available. Postpone Incoming system updates (except for security updates) will be blocked for 30 days, after which the policy will no longer be effective and the system will revert back to its normal behavior as if no policy were set. Window Install the system update automatically within a daily maintenance window. You need to set the time period at which a system update will happen.
Example: The system updates can take place from 12 AM to 9 PM only.
- Assign the configured profile of policies to the preferred groups.
Select the device ownership type by clicking on the preferred option from the set device ownership type drop-down list:
Device
ownership
typeDescription BYOD Bring Your Own Device. COPE Corporate-Owned, Personally Enabled. Any The configured profile of policies will be assigned to both the BYOD and COPE device ownership types. - Assign the policy to user roles or users:
Assigning user role/s.
Select the set user role/s option.
Select the preferred role from the item list.
The items that are listed here, are the roles that were added when managing roles through the Device Management console.
For more information, see managing roles.
- Assigning user/s.
- Select the set user/s option.
- Enter the characters of the username/s you wish to add, and the system will prompt the users having the names with the characters you entered. You can select the users from the item list.
Select the action that has to be carried out when a device has not complied with a policy.
In the context of WSO2 IoT Server, the following actions are referred to as non-compliance rules. Further, the policies are monitored via the non-compliance rules.
Non-compliance
rulesDescription Enforce Forcefully enforce the policies on the assigned groups. Warning If the assigned groups do not adhere to the given policies a warning message will be sent.
Monitor If the assigned groups do not adhere to the given policies the server is notified of the violation unknown to the user and the administrator can take the necessary actions with regard to the reported. - Click SAVE.
Define a name for the configured profile of policies and a description.
Set a Name to your Policy is a mandatory field.
Click SAVE to save the configured profile or click SAVE & PUBLISH to save and publish the configured profile as an active policy to the database.
If you SAVE the configured profile it will be in the inactive state. Therefore, the policy will not be taken into account when the IoT Server filters policies, to enforce a suitable policy on a device that registers with WSO2 IoTS.
If you SAVE & PUBLISH the configured profile of policies it will be in the active state. The active policies will be enforced on new devices that enroll with WSO2 IoTS based on the Policy enforcement criteria. If you want to push this policy to the existing devices and want this policy to be applied to the devices, click Apply changes. Then the newly added policy will be a candidate in the policy selection pool based on the policy Enforcement criteria.