Send Data to AWS IoT

AWS IoT is a good choice for business applications, and AWS seems to have good security and privacy protection. This guide gives an example of how to send your data to the AWS IoT platform. The setup is a little complicated, but still manageable for an IT specialist.

1. Setting up your AWS IoT environment

1) On the Welcome to the AWS IoT Console page, in the navigation pane, choose Manage -> Things, then Register a thing.

2) On the Creating AWS IoT things page, choose Create a single thing.

3) On the Create a thing page, in the Name field, type a name for your thing, such as x750. Choose Next.

4) On the Add a certificate for your thing page, choose Create certificate. This generates an X.509 certificate and key pair.

5) On the Certificate created! page, download your public and private keys, certificate, and root certificate authority (CA):

  • Choose Download for your certificate.
  • Choose Download for your private key.
  • Choose Download for the Amazon root CA. This will display a new web page. Choose RSA 2048 bit key: Amazon Root CA 1. This opens another web page with the text of the root CA certificate. Copy this text and paste it into a file named Amazon_Root_CA_1.pem.

Most web browsers save downloaded files into a Downloads directory. You will copy these files to a different directory when you run the sample applications. Choose Activate to activate the X.509 certificate, and then choose Attach a policy.

The RSA 2048 bit key: Amazon Root CA1 download web page:

6) Activate your thing

Go back to the previous page, click “Activate”, then click “Done”.

2. Attach Policy

1) After you register your thing, you will need to create and attach a new policy to the certificate.

2) Enter a Name for the policy, such as x750_policy, then choose Advanced mode.

3) Delete the automatically created policy code, then paste the policy below.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "iot:Publish",
        "iot:Subscribe",
        "iot:Connect",
        "iot:Receive"
      ],
      "Effect": "Allow",
      "Resource": [
        "*"
      ]
    }
  ]
}

4) After pasting the policy code, choose Create Policy.

5) On the left side, go to Secure -> Certificates, select the certificate you just created, then choose Actions -> Attach policy.

6) Choose the policy you created (x750_policy) and choose Attach.
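The policy pasted in step 3 allows all four actions on "Resource": "*", so this certificate may connect under any client ID and publish or subscribe to every topic in the account. As an added example (not part of the original guide), the script below builds a policy scoped to the client ID and the two topics from the config service 'cloud' section shown in section 3. Assumptions: get_opt and make_policy are hypothetical helper names, the config text is a constructed sample, and 123456789012 is the example account ID from the ARN note further down.

```shell
#!/bin/sh
# Added example: scope the AWS IoT policy to this router's client ID and topics.
# Constructed sample of the glconfig section (placeholder endpoint and client ID).
SAMPLE_GLCONFIG="config service 'cloud'
        option sub_topic '/a1rLNyG2VK5/mqtt_demo/user/get'
        option pub_topic '/sys/a1rLNyG2VK5/mqtt_demo/thing/event/property/post'
        option address 'ssl://xxxxxxxxxxxxxx-ats.iot.us-east-1.amazonaws.com:8883'
        option clientid 'iotconsole-xxxxxxxxxxxxxx'"

# get_opt NAME (hypothetical): value of "option NAME '...'" from stdin.
get_opt() {
    sed -n "s/^[[:space:]]*option[[:space:]]\{1,\}$1[[:space:]]\{1,\}'\(.*\)'[[:space:]]*\$/\1/p" | head -n 1
}

# make_policy ACCOUNT_ID (hypothetical): glconfig text on stdin -> policy JSON.
make_policy() {
    account=$1
    cfg=$(cat)
    sub=$(printf '%s\n' "$cfg" | get_opt sub_topic)
    pub=$(printf '%s\n' "$cfg" | get_opt pub_topic)
    cid=$(printf '%s\n' "$cfg" | get_opt clientid)
    region=$(printf '%s\n' "$cfg" | get_opt address |
        sed -n 's/.*\.iot\.\([a-z0-9-]*\)\.amazonaws\.com.*/\1/p')
    # Fail closed on missing values or wildcard characters (* ? policy, # + MQTT).
    for v in "$account" "$region" "$cid" "$pub" "$sub"; do
        case "$v" in ''|*[*?#+]*) return 1 ;; esac
    done
    arn="arn:aws:iot:$region:$account"
    # A leading "/" is part of the topic name, so it follows "topic/" as-is.
    cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    { "Effect": "Allow", "Action": "iot:Connect",
      "Resource": "$arn:client/$cid" },
    { "Effect": "Allow", "Action": "iot:Publish",
      "Resource": "$arn:topic/$pub" },
    { "Effect": "Allow", "Action": "iot:Subscribe",
      "Resource": "$arn:topicfilter/$sub" },
    { "Effect": "Allow", "Action": "iot:Receive",
      "Resource": "$arn:topic/$sub" }
  ]
}
EOF
}

# 123456789012 is the example account ID used in the page's ARN note.
printf '%s\n' "$SAMPLE_GLCONFIG" | make_policy 123456789012
```

The AWS account ID is the only input that does not come from glconfig. The function returns a non-zero status instead of printing a policy when a value is missing or contains a wildcard character.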

3. Configure SANOXY devices to connect to AWS IoT

1) Upload your certificate to the router

Rename the downloaded certificate files:

AmazonRootCA1.pem -> root_CA.crt

xxxxxxxxxx.private.pem.key -> client.key

xxxxxxxxxx.certificate.pem.crt -> client.crt

You can use SSH or WinSCP to transfer these three certificate files to /etc/aws/ on the router. client.key is the device's private key, so keep it readable by root only. Create the folder if /etc/aws/ does not exist:

mkdir /etc/aws/

2) Update mqtt package on SANOXY routers.

Check whether your router already comes with the updated MQTT package. If it does not, upgrade it before using AWS.

Download the updated mqtt package

Use WinSCP/SSH to transfer the package to /tmp/, then remove the old package:

opkg remove gl-mqtt --force-depends

Then install the package:

opkg install gl-mqtt_3.0.37-1_mips_24kc.ipk

3) Setup config file for your router

Edit /etc/config/glconfig

Add the following code to your glconfig file.

config service 'cloud'                                                   
        option enable '1'                                               
        option sub_topic '/a1rLNyG2VK5/mqtt_demo/user/get'               
        option pub_topic '/sys/a1rLNyG2VK5/mqtt_demo/thing/event/property/post' 
        option service_pride '2'                                         
        option address 'ssl://xxxxxxxxxxxxxx-ats.iot.us-east-1.amazonaws.com:8883'
        option clientid 'iotconsole-xxxxxxxxxxxxxx'   
        option log '1'

Sample glconfig file:

If you have already set up GoodCloud on the router, just add the code at the end of config service 'cloud'.

config service 'cloud'
        option enable '1'
        option check_status '1'
        option serverzone 'gslb.goodcloud.xyz'
        option username 'speedllc'
        option email 'admin@speedllc.net'
        option bindtime '1551326448000'
        option sub_topic '/a1rLNyG2VK5/mqtt_demo/user/get'
        option pub_topic '/sys/a1rLNyG2VK5/mqtt_demo/thing/event/property/post'
        option service_pride '2'
        option address 'ssl://a30f88tz236cgp-ats.iot.us-east-1.amazonaws.com:8883'
        option clientid 'iotconsole-a30f88tz236cgp'

option log '1' must be contained in the config file.

Note

The topic ARN follows this format:

arn:aws:iot:<your-region>:<your-aws-account>:topic/<your/topic>

For example:

arn:aws:iot:us-east-1:123456789012:topic/my/topic

Topics

The message broker uses topics to route messages from publishing clients to subscribing clients. The forward slash (/) is used to separate topic hierarchy.

Note

We do not recommend using personally identifiable information in your topics.

The following table lists the wildcards that can be used in the topic filter when you subscribe.

Topic Wildcards

Wildcard   Description
#          Must be the last character in the topic to which you are subscribing. Works as a wildcard by matching the current tree and all subtrees. For example, a subscription to Sensor/# receives messages published to Sensor/, Sensor/temp, Sensor/temp/room1, but not the messages published to Sensor.
+          Matches exactly one item in the topic hierarchy. For example, a subscription to Sensor/+/room1 receives messages published to Sensor/temp/room1, Sensor/moisture/room1, and so on.

4) HTTP: add the API endpoint to the router config file

The message broker supports clients connecting with the HTTP protocol using a REST API. Clients can publish by sending a POST message to <AWS IoT Endpoint>/topics/<url_encoded_topic_name>?qos=1.

On the left side of the AWS IoT console, go to Manage -> Things.

You can find your AWS IoT endpoint under Interact.

5) Connect your devices to AWS IoT Cloud

Start the connection to AWS Cloud:

/etc/init.d/gl_mqtt start

Restart the MQTT service if its process is already running:

/etc/init.d/gl_mqtt restart

Check mqtt process status

ps | grep gl_mqtt

4. MQTT Communication Testing

Test->Subscribe to a topic

The subscription and publish topics in glconfig file:

option sub_topic '/a1rLNyG2VK5/mqtt_demo/user/get'               
option pub_topic '/sys/a1rLNyG2VK5/mqtt_demo/thing/event/property/post' 

So the subscription and publish topics in AWS IoT Cloud must be swapped:

Subscription Topic:  '/sys/a1rLNyG2VK5/mqtt_demo/thing/event/property/post' 
Publish topic:  '/a1rLNyG2VK5/mqtt_demo/user/get'

Try Subscribe to topic; a message published by your router will be received in a few seconds.

Or publish a message to your router:

A message published by AWS IoT Cloud will be received on your router in a few seconds.

logread

Application and Demo

Read BLE Thermal Sensor

The following demo shows how to read data from a thermal sensor, pack the data in JSON format and send it to the GoodCloud.

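#!/bin/sh
# Load the OpenWrt JSON shell helpers (json_init, json_add_*, json_dump)
. /usr/share/libubox/jshn.sh
while true
do
    sleep 5
    # Scan for BLE advertisements and keep the first one that carries the
    # sensor's local-name field ("Smart_Beacon" encoded as hex)
    bletool on
    bletool discovery_type 1 1
    bletool discovery 1 1 0 | awk '/0d09536d6172745f426561636f6e02/{print $0; exit}' > /tmp/blesniffer.log
    bletool end_procedure
    adv_data=`awk '{print $1}' /tmp/blesniffer.log`
    rm /tmp/blesniffer.log
    # No matching advertisement in this scan: do not publish an empty reading
    [ -n "$adv_data" ] || continue
    date=`date +"%Y%m%d%H%M%S"`
    # Build {"api": "/user/data", "data": {"date": ..., "advertising data": ...}}
    json_init
    json_add_string "api" "/user/data"
    json_add_object "data"
    json_add_string "date" "$date"
    json_add_string "advertising data" "$adv_data"
    json_close_object
    data=`json_dump`
    # Publish the JSON through the router's MQTT service
    ubus call mqtt pub "$data"
done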