Amazon AWS IoT Core over SSL Integration Guide
Review the following guide to set up an integration between Litmus Edge and AWS IoT Core with SSL authentication.
You must have an AWS account with the appropriate user privileges.
To onboard a device:
- Open the AWS IoT browser tab and click Manage > Things. The Things pane appears.
- From the left pane, click Onboard. The Connect to AWS IoT pane appears.
- From the Onboard a device box, click Get Started. The Connect to AWS IoT wizard appears.
- Click Get Started. The How are you connecting to AWS IoT screen appears.
- From the Choose a platform section, select Linux/OSX.
- From the Choose a AWS IoT Device SDK section, select Java, and then click Next. The Register a thing screen appears.
- In the Name field, enter Thing1, and then click Next step. The Download a connection kit screen appears.
- Click Linux/OSX, view the downloaded .zip file at the bottom of the screen, and then click Next step. The Configure and test your device screen appears.
- View the downloaded .zip file at the bottom of the screen, and then click Done. The Connected successfully screen appears.
- Click Done. The named Thing1 appears in the Things pane.
To create the policy:
- From the left pane in the AWS Things pane, click Secure > Policies.
- Refresh the page. The named Thing1-Policy appears.
You will need to download the certificate and private key that you will use to configure the AWS connector in Step 8.
To create and download the certificate and private key:
- From the left pane, click Certificates. The certificate for the named Thing appears.
- Click the Actions icon for the certificate, and select Delete. The Confirmation dialog box appears.
- Click Yes, continue with delete.
- Refresh the page. The Certificates wizard appears.
- Click Create a certificate. The Create a certificate screen appears.
- Click Create certificate. The Certificate created screen appears.
- Click Download next to A certificate for this thing.
- Click Download next to A private key.
- Click Keep next to the downloaded files.
- Click Activate, and then click Attach a policy. The Add authorization to certificate screen appears.
- Select the named Thing1-Policy, and then click Done.
To edit the policy:
- From the left pane, click Policies. The Policies pane appears.
- Click the named Thing1-Policy. The named Thing1-Policy dialog box appears.
- Click Edit policy document. The Edit Policy screen appears.
- Scroll down the policy document, copy the last line, paste the copy below it, and in the pasted line change sdk-nodejs to sdk-golang.
- Click Save as new version.
- Click the Back arrow to return to the Policies pane.
After setting up your AWS account, you will need to log in to Litmus Edge to complete the steps below and complete the integration.
You will have to log in to your AWS account to retrieve the parameters for the AWS connector.
To retrieve the parameters:
- Log in to your AWS account.
- Open the AWS IoT browser tab and click Manage > Things. The Things pane appears.
- Click Thing[#]. The Thing[#] dialog box appears.
- From the left pane, click Interact. The pane changes to reflect your selection.
- Copy the REST API Endpoint under the HTTPS section. This is the Hostname parameter for the AWS connector.
- Click Secure > Policies. The Policies pane appears.
- Click Thing[#]-Policy. The Thing[#]-Policy dialog box appears.
- Scroll to the bottom and copy the SDK resource to your clipboard. For this use case, the SDK resource is sdk-golang. This is the Client ID parameter for the AWS connector.
- Copy the first topic value. In this use case, the topic is topic_1. This is the Integration Topic value.
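The Client ID and Integration Topic copied above only work if the attached policy authorizes them, so the following added example (not part of the Litmus or AWS documentation) checks a policy document against the values the connector will use. The policy is a constructed sample with a placeholder region and account ID, the function names are hypothetical, and `fnmatch` is used as an approximation of AWS IoT policy wildcard matching.

```python
import json
from fnmatch import fnmatchcase

# Constructed sample policy. Region, account ID and statement layout are
# placeholders; only sdk-nodejs, sdk-golang and topic_1 come from the guide.
ARN = "arn:aws:iot:us-east-1:123456789012"
POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["iot:Publish", "iot:Receive"],
         "Resource": [f"{ARN}:topic/topic_1"]},
        {"Effect": "Allow", "Action": "iot:Subscribe",
         "Resource": [f"{ARN}:topicfilter/topic_1"]},
        {"Effect": "Allow", "Action": ["iot:Connect"],
         "Resource": [f"{ARN}:client/sdk-nodejs",
                      f"{ARN}:client/sdk-golang"]},
    ],
})

def _as_list(value):
    return value if isinstance(value, list) else [value]

def allowed(policy_json, action, resource):
    """True if some Allow statement and no Deny statement matches."""
    granted = False
    for stmt in _as_list(json.loads(policy_json)["Statement"]):
        # Compare against the part of each ARN after region and account ID.
        patterns = [r.split(":", 5)[-1] for r in _as_list(stmt.get("Resource", []))]
        hit = (any(fnmatchcase(action, a) for a in _as_list(stmt.get("Action", [])))
               and any(fnmatchcase(resource, p) for p in patterns))
        if hit and stmt.get("Effect") == "Deny":
            return False  # an explicit Deny always wins
        granted = granted or (hit and stmt.get("Effect") == "Allow")
    return granted

def check_connector(policy_json, client_id, topic):
    """Map each permission the connector needs to whether the policy grants it."""
    return {
        "connect": allowed(policy_json, "iot:Connect", f"client/{client_id}"),
        "publish": allowed(policy_json, "iot:Publish", f"topic/{topic}"),
        "subscribe": allowed(policy_json, "iot:Subscribe", f"topicfilter/{topic}"),
    }

if __name__ == "__main__":
    print(check_connector(POLICY, "sdk-golang", "topic_1"))
```

A `False` for `connect` means the Client ID does not match any `client/` resource in the policy, which is worth ruling out first when the connector tile shows a Failed status.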
Follow the steps to Add a Connector and select the MQTT - Amazon AWS IoT Core over SSL provider.
Configure the following parameters.
- Name: Enter a name for the connector.
- Hostname: Paste the REST API Endpoint value copied in Step 6.
- Port: Enter the MQTT broker port. The default value is 8883.
- Certificate: Paste the certificate downloaded in Step 3.
- Private key: Paste the private key downloaded in Step 3.
- Client ID: Paste the SDK resource copied in Step 6.
- QoS: Confirm that the default value 0 is entered. The Quality of Service (QoS) level is an agreement between the sender of a message and the receiver of a message that defines the guarantee of delivery for a specific message.
- Parallel Publish Count: The number of messages being published simultaneously. Once the defined limit has been reached, subsequent messages are silently dropped. The default value is 100.
- Integration Topic: Paste the topic value copied in Step 6.
- LWT topic: The topic for MQTT's Last Will and Testament feature.
- LWT payload: The payload for MQTT's Last Will and Testament feature.
- LWT payload type: The payload type for MQTT's Last Will and Testament feature. The options are string and base64.
- LWT QoS: The Quality of Service value for MQTT's Last Will and Testament feature.
- LWT retained: Select this check box to retain the value for MQTT's Last Will and Testament feature.
- Throttling limit: The maximum number of messages per second to be processed. The default value is zero, which means that there is no limit.
- Persistent storage: When enabled, this will cause messages to undergo a store-and-forward procedure. Messages will be stored within Litmus Edge when cloud providers are online.
- Queue Mode: Select the queue mode as lifo (last in first out) or fifo (first in first out). Selecting lifo means that the last data entry is processed first, and selecting fifo means the first data entry is processed first.
After adding the connector, click the toggle in the connector tile to enable it.
If you see a Failed status, you can review the Connector Logs and relevant error messages.
You will now need to create topics for the connector. To create outbound topics, you have the option of importing the tag created in Step 6. To create inbound topics, you will have to manually create the topic.
You will need to log in to your AWS account to verify that outbound messages are being sent.
To verify outbound messages:
- Log in to your AWS account.
- Navigate to the AWS Things pane and click Monitor. The Monitor pane appears.
- Select Hour from the Time range drop-down list. The charts change to reflect your selection.
- Click the browser Refresh to refresh the page. The Successful connections chart shows a connection.
- Scroll down to the Messages published chart. The Messages published chart shows messages arriving.
You can create a flow in Litmus Edge to view the outbound messages.
To create a flow:
- DataHub Subscribe
- Debug
- Double-click the DataHub Subscribe node. The Edit DataHub Subscribe node dialog box appears.
- Paste the local topic you created in Step 9.
- If needed, configure the DataHub Subscribe connection. See the "Step 3: Configure Connector Nodes" section in Create a Flow to learn more.
- Click Done, and then click Deploy.
- Click the debug tab. See the Additional Options section in Manage the Flow Canvas for more details.
- Verify that Test Message appears in the debug results.
You can return to the AWS Monitor browser tab and view the Messages published chart to confirm that the outbound messages are being sent.