AWS IoT Core Integration DONE

Dear all Loraserver users,

I’ve been searching, during the last two days, for a way to integrate AWS IoT Core with the Lora-App-Server. I saw some topics in the forum talking about existing problems setting it up. Finally I got to do the integration and I would like to share it with all of you.

The next links helped me to reach my objective:

  1. https://www.loraserver.io/lora-app-server/integrate/data/
  2. https://github.com/gotthardp/lorawan-server/blob/master/doc/Integration.md
  3. https://forum.loraserver.io/t/nil-error-when-connecting-to-mqtt-broker-aws-iot-core/2003

First you should create a thing in IoT AWS Core as you can see in the link #1. Follow the steps (name, type, groups, attributes…). Then you have to create a certificate. It can be your own certificate by a CA or you could let AWS IoT create it for you. I chose the second option and I downloaded the certificate, and the public and private keys, into the /etc/lora-app-server/certs/ directory. After this you have to go to the security options in the main panel and create a policy. Then you will have to attach this policy to the certificate created before. For the moment we will use the policy given by #1:

    {
      "Version": "2012-10-17",
      "Statement": [{
        "Action": "iot:*",
        "Resource": "*",
        "Effect": "Allow"
      }]
    }

If you go to the thing you created, you will find, in the interact option, the link_point which you will have to insert into the lora-app-server configuration file.

Secondly, in the lora-app-server (mine is running in an Ubuntu 18.06 EC2 instance) you have to modify the /etc/lora-app-server/lora-app-server.toml file as follows:

    # MQTT server (e.g. scheme://host:port where scheme is tcp, ssl or ws)
    server="ssl://link_point:8883"
    # TLS certificate file (optional)
    tls_cert="/etc/lora-app-server/certs/certificate.pem.crt"
    # TLS key file (optional)
    tls_key="/etc/lora-app-server/certs/private.pem.key"

As you can see, it is important to replace “tcp” with the “ssl” protocol and it’s not necessary to fill the “ca_cert” because this is just when the certificate is self-generated.

To check that everything is correct, go to the test/trial option in AWS IoT Core and write any topic like the next one:

    application/1/device/#

If you have an application and a device created, you will see your data at the IoT AWS Core platform. From here, you are free to create and connect any allowed AWS application!

If you have any doubts or you would just like to share more things about this topic, do not hesitate to write here!

PS: Thanks a lot Brocaar for the work you are doing! It could be a very nice option to implement the AWS Integration, so that users could choose between two big cloud solutions (Google and Amazon). Thanks again!

6 Likes
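An added example, not part of the original post or of the project's code: the policy quoted above allows every IoT action on every resource, so this code flags that pattern and builds a narrower policy limited to the `application/` topic prefix used in the post. The region, account ID and client ID are constructed placeholders, and it assumes lora-app-server connects with a fixed MQTT client ID and only uses topics under `application/`.

```python
import json

# The policy quoted in the post (from link #1): every IoT action on every resource.
PAGE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Action": "iot:*", "Resource": "*", "Effect": "Allow"}],
}


def _as_list(value):
    """IAM-style fields may be a single string or a list of strings."""
    return value if isinstance(value, list) else [value]


def wildcard_findings(policy):
    """Return (statement index, reason) for Allow statements that use wildcards."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        if any(a == "*" or a.endswith(":*") for a in _as_list(stmt.get("Action", []))):
            findings.append((i, "wildcard action"))
        if any(r == "*" for r in _as_list(stmt.get("Resource", []))):
            findings.append((i, "wildcard resource"))
    return findings


def scoped_policy(region, account_id, client_id, prefix="application"):
    """Build a policy for one MQTT client limited to topics under `prefix`/.

    Assumptions (not from the post): the client connects with a fixed client ID,
    and it only publishes/subscribes below `prefix`/.
    """
    arn = f"arn:aws:iot:{region}:{account_id}"
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Allow", "Action": "iot:Connect",
             "Resource": f"{arn}:client/{client_id}"},
            {"Effect": "Allow", "Action": ["iot:Publish", "iot:Receive"],
             "Resource": f"{arn}:topic/{prefix}/*"},
            {"Effect": "Allow", "Action": "iot:Subscribe",
             "Resource": f"{arn}:topicfilter/{prefix}/*"},
        ],
    }


if __name__ == "__main__":
    # Constructed placeholder values; substitute your own region, account and client ID.
    print(wildcard_findings(PAGE_POLICY))
    print(json.dumps(scoped_policy("eu-west-1", "123456789012", "lora-app-server"), indent=2))
```

The check looks only at Allow statements; it does not evaluate Deny statements or conditions.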

Wow, great job! If we could eventually officialize this implementation in a future version, it would be a great addition.

2 Likes

Thanks! It could also be interesting to add other platforms like IBM Bluemix… couldn’t it? :smirk: The more integrations are added, the happier we will be!

Great work :+1: I’m currently traveling and will be back in about a week. Then I’ll look further into this and see what would be needed to “officialize” this integration :slight_smile:

Yes that is definitely the plan!

1 Like

Super, thanks! I had issues earlier while integrating with IoT core link and would like to know if you had made any configuration changes on the gateway and server side.

Did you install gatewaybridge on the gateway? Could you please share your configurations on gateway and loraserver.toml?
If multiple devices are registered to IoT core, then how should we configure the app-server.toml?

Good job, I have the same setup with the bridge installed on the gateway. I’m using MQTT bridge mode in order to connect my gateways to IoT Core service in AWS.

I also have LoRa server and LoRa application server connected through mosquitto bridge to AWS too.

So every part of my network “talks” to mosquitto locally and then mosquitto bridges back to AWS.

This solves the problem of too many “Things” and “Certificates” and “Policies” in AWS, you only need one of them per instance (LoRa Server, LoRa App, LoRa Gateway).

2 Likes

Hi Rini!
I have installed the packet_forwarder software in my gateway. Then I have all the loraserver environment installed in an instance EC2 micro of Amazon. I know it would be safer to install lora_gateway_bridge in the GW, it will be a future objective!
According to the configuration done in the server side, I already shared in my first post everything I did. There are no more things to do following my steps.
If you have many sensors, you will be able to differentiate them by their ID or EUI. For instance you could subscribe to the topic of the device you have as: application/1/device/YOUR_DEVICE_ID/EUI

1 Like

Hi stelios!
I really like how you did it, so that you can receive information from several parts of your entire network into the IoT Core in AWS.
Thanks!

2 Likes

Thanks Promero, I do have the same setup, will try again and see how it goes. The sensors part which you explained, sorry, I should have been clearer. My question was wrt. “Things and certificates”, which I think stelios has clarified.

1 Like

@stelios That’s great, thank you. I am trying to achieve something similar. However, I am using this bridge link on the gateway.
Would it be correct to say that you have only configured one file with IoT core details on it, and that is the bridge Mosquitto? The app server.toml and lora server.toml have no information of IoT core; instead it’s still pointing to “tcp://mosquitto:port”.

Would you have any idea on what all configuration I would need to do if I use the above mentioned bridge setup.

Take a look at the link I have posted, you leave the default configuration for lora server and lora app and you make the bridge configuration to

    # Create the configuration file
    sudo nano /etc/mosquitto/conf.d/bridge.conf

So in that way, the bridge in the link you posted, forwards the packets to localhost:1883 mosquitto which is bridged with the IoT Core service.

2 Likes

thanks @stelios will try that.

This will simplify the things after connecting AWS with IoT as I get benefitted from it. Fix Error code 0X0070002 helped me to get the solution of this.

Hey @promero

Thanks for your great work, it’s really useful for the people who want to get LoRa into the entire AWS world.

Currently, I’m facing an issue in getting my data to the Shadow state of my thing. I am able to view my entire payload in the MQTT client (test). I just want to know how I can resolve this.

How to get my data to Shadow?

Just curious Stelios, What happens if the connection to IoT Core service goes down? Does the gateway-bridge still allow devices to publish and subscribe?

I’m having difficulty with the new version applying this process.

Now that Chirpstack has migrated to a new version (4.3), many of the file references in this description have changed. These instructions recommend changes to the ‘lora-app-server.toml’ file. I do not find that file in this version. Am I to edit the ‘chirpstack.toml’ file (or the ‘chirpstack-gateway-bridge.toml’ file)?

I have credentials that allow me to bridge my mosquitto broker with aws. I can use that connection to send test packets in both directions, but I do not seem to be able to use it for delivering chirpstack traffic to aws.

I appreciate any advice.

1 Like

The link to aws Iot I used was made with these instructions:
How to Bridge Mosquitto MQTT Broker to AWS IoT | The Internet of Things on AWS – Official Blog (amazon.com)

I made these modifications to the ‘bridge.toml’ file recommended in the above document in mosquitto/conf.d so that all the topics passing through the bridge were available to aws, and used mqtt protocol version 5.0 as that is what AWS expects:

    # Specifying which topics are bridged and in what fashion
    topic # out 1
    topic # in 1

    # Setting protocol version explicitly
    bridge_protocol_version mqttv50
    bridge_insecure false

With these changes, I can now see all traffic.

Peter

1 Like