Testing MQTT webhooks with Amazon AWS
This section gives a step-by-step explanation on how to configure an MQTT connection to the AWS
AWS provides a good environment to test and validate the MQTT functionality. This section describes step by step how to get this configured.
IOT service
Go to the IOT core service
Thing creation
Go to Mange → Things. Click on 'register a thing'.
Give a name and go to next
Click on the top button to create a certificate with a simple click.
Now you will see a new screen where certificates can be downloaded. We will need the following files:
- The certificate (first link)
- The private key (third link)
Now click done
Policy creation
Next, we need to create a policy. X.509 certificates are used to authenticate your device with AWS IoT Core. AWS IoT Core policies are used to authorize your device to perform AWS IoT Core operations, such as subscribing or publishing to MQTT topics. Your device presents its certificate when sending messages to AWS IoT Core. To allow your device to perform AWS IoT Core operations, you must create an AWS IoT Core policy and attach it to your device certificate.
In the left navigation pane, choose Secure, and then choose Policies. Click create a policy.
On the Create a policy page, in the Name field, enter a name for the policy (for example, MyPolicy). Do not use personally identifiable information in your policy names.
In the Action field, enter 'iot:*'. In the Resource ARN field, enter *. Select the Allow check box. This allows all clients to connect to AWS IoT Core.
You can restrict which clients (devices) can connect by specifying a client ARN as the resource. The client ARNs follow this format:
Choose the Add Statement button to add another policy statement. In the Action field, enter iot:*. In the Resource ARN field, enter the ARN of the topic to which your device publishes.
The topic ARN follows this format:
For example:
Finally, select the Allow check box. This allows your device to publish messages to the specified topic.
After you have entered the information for your policy, choose Create.
Attach an AWS IoT Core policy to a device certificate
Now that you have created a policy, you must attach it to your device certificate. Attaching an AWS IoT Core policy to a certificate gives the device the permissions specified in the policy.
In the left navigation pane, choose Secure, and then choose Certificates.
In the box for the certificate you created, choose ... to open a drop-down menu, and then choose Attach policy.
Finally, also activate the certificate. Select the certificate from the list, click on the 3 dots to get the menu and choose the active action.
This concludes everything which needs to be done on the AWS side.
Sensolus MQTT configuration
Next fill in the MQTT settings in the Sensolus Web application:
A few fields need some explanation:
- Endpoint: this value can be found in the AWS console under Things → Shadows:
- private and public key: these files where downloaded when the certificate was created.
In the Sensolus application the 'Test' button will now send a dummy message to the topic. If all configuration was done correctly this should give a success message:
AWS subscribe test
The AWS console can be used to see the messages being published. In the left menu bar select test, fill in the topic name and click 'Subscribe to topic'
Now you should see every message published to the topic.