The AWS IoT Core driver enables the PLCnext Edge Gateway to connect and publish data to the AWS IoT Core platform. This page includes help on the AWS IoT portal but may not reflect the most recent changes to the AWS interface. For the most recent AWS IoT interface documentation, consult the AWS IoT documentation.
Create AWS IoT Thing
Log into your AWS management console and navigate to the IoT Core service. From the left navigation bar, under the 'Connect' heading, click 'Connect one device.' Then click 'Connect device.'
Follow the subsequent prompts, selecting 'Linux/OSX' as the platform and Node.js as the 'Device SDK.' Give the new 'thing' a name. Then, click the download button for the 'Linux/OSX' connection kit. This will download a zip file named 'connect_device_package.zip' to your downloads folder. Once the download is complete, click next and finally the 'done' button. This finalizes the creation of the AWS IoT Core thing, which will then be displayed on the 'Things' dashboard.
Once the connect device package has been downloaded, the last item required to create a connection to AWS is the AWS root CA cert. Navigate to https://www.amazontrust.com/repository/AmazonRootCA1.pem and download the file to a memorable location, preferably next to the connect_device_package.
Last, in order to enable communication to your AWS thing, it must have an associated security policy. If you don't already have a security policy generated, follow the next section "Creating a security policy." Once the policy is created, it must be attached to this thing. Once this final step is completed, the PLCnext Edge Gateway will be able to connect and publish data to this AWS thing.
Creating a security policy
Security policies for AWS enable detailed permissions strategies for thing communication. By default, no device will be able to connect or publish to your AWS account without the appropriate credentials and a valid security policy. The following directions explain the minimum requirements for the PLCnext Edge Gateway to connect to AWS; however, the example policy should be modified for your end use case.
Get started by navigating to the 'Security' -> 'Policies' page. Click the newly created device policy, which takes the form [thingName]-Policy.
From the thing policy page, click 'Edit active version' and select JSON as the editing format. At a minimum, the PLCnext Edge Gateway needs publishing access to the topic named after the thing as configured on the PLCnext Edge Gateway. In this example, that is ...:/PLCnextEdgeGateway0. All metrics will be published in JSON format to this topic. The device also requires Connect permissions, the topic being :client/PLCnextEdgeGateway0 in this example. In the full example video, all first-level topics are enabled for publishing and subscribing: /topic/*. Again, these permissions should be limited as much as possible for the end application.
Once the valid security policy has been created, scroll down and save the current version as the active version and submit. This setting is required in order for a connection attempt to be successful.
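As an added example that is not part of the original documentation, the following Python script compares a policy document against the two grants this section names (Connect as the thing, Publish to the thing's topic) and reports what is missing and what is broader than needed. The ARN prefix uses REGION and ACCOUNT_ID placeholders, both sample policies are constructed, and the check is a simplification that ignores Deny statements and policy variables.

```python
from fnmatch import fnmatchcase

ARN = "arn:aws:iot:REGION:ACCOUNT_ID"  # placeholders: use your region and account ID
THING = "PLCnextEdgeGateway0"          # thing name from the page's example

def needed(thing):
    """Minimum grants the page lists: connect as the thing, publish to its topic."""
    return {("iot:Connect", f"{ARN}:client/{thing}"),
            ("iot:Publish", f"{ARN}:topic/{thing}")}

def as_list(value):
    return value if isinstance(value, list) else [value]

def grants(policy):
    """Expand every Allow statement into (action, resource) pattern pairs."""
    return [(a, r)
            for st in as_list(policy["Statement"]) if st.get("Effect") == "Allow"
            for a in as_list(st["Action"])
            for r in as_list(st["Resource"])]

def audit(policy, thing=THING):
    """Return (missing, excess): required grants not covered by the policy,
    and granted pairs that go beyond the two the gateway needs."""
    need, got = needed(thing), grants(policy)
    missing = sorted(n for n in need if not any(
        fnmatchcase(n[0], a) and fnmatchcase(n[1], r) for a, r in got))
    excess = sorted(g for g in got if g not in need)
    return missing, excess

# Constructed sample: only what the gateway needs.
MINIMAL = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "iot:Connect", "Resource": f"{ARN}:client/{THING}"},
    {"Effect": "Allow", "Action": "iot:Publish", "Resource": f"{ARN}:topic/{THING}"},
]}

# Constructed sample: wildcard topic access, in the spirit of the broad setup above.
BROAD = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "iot:Connect", "Resource": f"{ARN}:client/{THING}"},
    {"Effect": "Allow", "Action": ["iot:Publish", "iot:Receive"],
     "Resource": f"{ARN}:topic/*"},
    {"Effect": "Allow", "Action": "iot:Subscribe", "Resource": f"{ARN}:topicfilter/*"},
]}

if __name__ == "__main__":
    for name, policy in (("minimal", MINIMAL), ("broad", BROAD)):
        missing, excess = audit(policy)
        print(f"{name}: missing={missing} excess={excess}")
```

An empty `missing` list means the gateway can connect and publish; every entry in `excess` is a grant to review and narrow before saving the policy as the active version.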
Creating a Connection
To connect to AWS IoT Core, the CA cert and connect_device_package are required, along with the AWS root CA cert, which were downloaded in previous steps. On the PLCnext Edge Gateway web interface, add a cloud connection.
Creating a connection to the AWS IoT Core Platform requires the following parameters.
Name: Unique name for the cloud connection as it will be referenced on the PLCnext Edge Gateway.
Host: Unique hostname/URL of your cloud service as collected from the IoT Core settings page.
Device ID: Unique ID for this device as generated in your cloud account.
Private Key: Private Key file as provided by the connection package.
Device Cert: Device Certificate file as provided by the connection package.
CA Cert: AWS root CA certificate file as downloaded in previous steps.
If you have not already done so, you can download the AWS root certificate from https://www.amazontrust.com/repository/AmazonRootCA1.pem. After following the link, save the page/file as "AmazonRootCA1.pem". It can then be uploaded for each AWS client created.
The following video gives guidance on the connection steps.
Once all of the details have been entered and uploaded, clicking submit will produce an AWS IoT Core connection tile on the dashboard.
Publishing Data
Once an AWS connection has been established, data can be published by clicking on the dashboard tile of the AWS connection.
To begin publishing data, click the '+Add' button on the Metrics panel. Click the source button to select the desired data to publish.
Once the form has been configured and submitted, the published data will be added to the Metrics panel and a publishing status is given.
Verify your IoT Data
Once your AWS connection has been established and data has started publishing, you can navigate to the "Test -> MQTT test client" page to verify that data is being collected. From the "Test -> MQTT test client" sidebar, enter the name of your Thing into the Subscription Topic field. Each metric will be published with the JSON object properties of the metric's name, value, and "dateTime", which is the timestamp of the data value.