Email Us at info@n3uron.com

Download N3uron

RESOURCES / TECHNICALLY SPEAKING

How to Connect Your Industrial Assets to AWS IoT Using N3uron’s MQTT Module

An industrial plant exterior with AWS IoT and N3uron icons on the top it

Connecting AWS IoT: Overview

As stated in our previous article, MQTT: The Universal Messaging Protocol for Cloud Providers and IIoT Systems, MQTT has emerged as the defacto standard for IIoT and of course, is also supported by AWS IoT. OT infrastructure can be connected to AWS IoT Core as well as AWS IoT Greengrass Core using MQTT, enabling access to the whole ecosystem of services currently provided by AWS. In short, AWS IoT Core is the service that receives and routes MQTT messages from edge devices and applications such as N3uron This guide explains in detail how to communicate your industrial assets bi-directionally with AWS IoT Core in a secure way by means of N3uron’s MQTT module and thus, bridge the gap between OT and IT.

Diagram displaying operational data using N3uron IIoT protocols and Amazon IoT platform

Diagram displaying operational data exchange between OT assets and Amazon IoT using N3uron IIoT protocols

N3uron and AWS IoT Requirements

It is assumed that you already have an AWS account. If not, you can create one at https://aws.amazon.com. If you haven’t downloaded N3uron yet, you can do so at https://n3uron.com/downloads/. If this is the first time installing N3uron, our Quick User Guide will guide you through the entire installation process.

Configuring AWS IoT Core

Log Into Amazon and Open AWS IoT Console

Click on the link to get to the AWS IoT console.

Screenshot displaying the Amazon IoT platform console panel

Screenshot displaying the Amazon IoT platform console panel

Once logged in, you’ll create the AWS IoT resources that a device will require in order to connect to AWS IoT and exchange messages.

Create a Policy using the AWS IoT Console

This policy will authorize your device to interact with AWS IoT services.

Certificates are used to authenticate your device with AWS IoT Core. AWS IoT policies are attached to the certificate authenticating the device to determine the AWS IoT operations, such as subscribing or publishing to MQTT topics that this device is permitted to perform. The device will present its certificate whenever it connects and sends messages to the AWS IoT Core.

The following procedure will create a policy that allows your device to perform the AWS IoT operations necessary for this example. You must create the AWS IoT policy first, which will then allow you to attach it to the device certificate that you will be creating later.

  • Step 01: Within the AWS IoT console, in the left-hand menu, first select Secure, and then Policies. On the You don’t have a policy yet page, choose Create a policy. If your account has existing policies, choose Create.
  • Step 02: On the Create a Policy page:
    A: In the Name field, enter a name for the policy (for example, N3uron_Policy).
    B: In the Action field, enter iot:Connect, iot:Receive, iot:Publish, iot:Subscribe. These are the actions that the device will need permission to perform.
    C: In the Resource ARN field, enter *. This selects any client (device). For increased security, it’s highly recommended that access is restricted by specifying a client ARN (Amazon resource name) once your Thing has been created.
    D: Select the Allow check box. These values allow all clients that have this policy attached to their certificate to perform the actions listed in the Action field.
  • Step 03: After you have entered the information for your policy, choose Create.

For more information, see IAM policies.

Screenshot displaying the “create policy” panel in the Amazon IoT platform

Screenshot displaying the “create policy” panel in the Amazon IoT platform

Create a Thing in the AWS IoT Console

Devices connected to AWS IoT are represented by Thing objects in the AWS IoT registry. A Thing object represents a specific device or logical entity.

  • Step 01: Within the AWS IoT console, in the left-hand menu, select Manage,
    then choose Things.
  • Step 02: On the Things page, select Create Things.
  • Step 03: On the Create Things page, select Create a single thing, then select Next.
Screenshot displaying the “create things” panel in the Amazon IoT platform

Screenshot displaying the “create things” panel in the Amazon IoT platform

  • Step 04: On the Specify thing properties page, for Thing name, enter a name for your Thing. In this example, we have named it “N3uron_Gateway”. When naming Things, it’s important to choose the name carefully because a thing name cannot be changed after it has been created.
  • Step 05: Leave the rest of the fields on this page empty. Select Next.
Screenshot displaying the “specify thing properties” panel in the Amazon IoT platform

Screenshot displaying the “specify thing properties” panel in the Amazon IoT platform

  • Step 06: On the Configure device certificateoptional page, select Auto-generate a new certificate (recommended). Select Next.
Screenshot displaying the “configure device certificate” panelinf the Amazon IoT platform

Screenshot displaying the “configure device certificate” panelinf the Amazon IoT platform

  • Step 07: On the Attach policies to certificateoptional page, select the policy you created in the previous section. In the previous section, this policy was named, N3uron_Policy. Choose Create thing.
Screenshot displaying the “attach policies” panel in the Amazon IoT platform

Screenshot displaying the “attach policies” panel in the Amazon IoT platform

  • Step 08: On the Download certificates and keys page:
    A: Download each of the certificates and key files and save them for later. You’ll need to install these files on your device. See below for the required files:
    – Private key.
    – Public key.
    – Device certificate.
    – Root CA certificate.
    B: Download the Amazon root CA 1.
    C: Choose Done.
Screenshot displaying the “download certificates and keys” window in the Amazon IoT platform

Screenshot displaying the “download certificates and keys” window in the Amazon IoT platform

After this procedure is complete, you should be able to see the new thing object in your list of Things. Click on the Thing you’ve just created, N3uron_Gateway, select the Certificates tab, and make sure the certificate is active.

Screenshot displaying the “Thing details” panel in the Amazon IoT platform

Screenshot displaying the “Thing details” panel in the Amazon IoT platform

Configure N3uron IIoT Platform

Log Into the N3uron IIoT Platform Using a Web Browser

If this is your first time accessing N3uron, open your web browser and type http://localhost:8003. By default, the User and Password is admin and n3uron respectively.

Screenshot displaying the log in interface in N3uron's IIoT platform WebUI

Screenshot displaying the log in interface in N3uron’s IIoT platform WebUI

Create a Module Instance Within N3uron’s WebUI Interface

  • Step 01: In the Navigation panel, select Config.
  • Step 02: In the Explorer panel, select Modules.
  • Step 03: Click on the Model menu and select New Module.
  • Step 04: The instance can be given any name but for the example we will use MQTT.
  • Step 05: Set the Module Type property to MqttClient. Leave the rest of the properties as their default values and click Save.
Screenshot displaying how to create an instance using N3uron's MQTT Module panel

Screenshot displaying how to create an instance using N3uron’s MQTT Module panel

Configure N3uron’s MQTT Module within the WebUI’s Explorer Panel

  • Step 01: In the Explorer panel, select the MQTT instance you have just created.
  • Step 02: Click on the Model menu button and select New Connection.
  • Step 03: Give the New connection a name. In this example, it has been named AWS.
  • Step 04: Configure the connection properties:
    A: Select Amazon Web Services from the Destination Broker drop down menu.
    B: Load the Certificate, Private key and CA certificate you downloaded and saved when you created the Thing in the AWS IoT Console.
    C: In the AWS IoT console, in the left-hand menu, go to Settings and copy your Device Data Endpoint. Go back to N3uron and paste it in the Broker URL field.
    D: Leave the rest of the properties as their default values and click on Save.
Screenshot displaying the Endpoint in the Amazon IoT platform

Screenshot displaying the Endpoint in the Amazon IoT platform

Screenshot displaying AWS IoT platform connection configuration in N3uron's MQTT module panel

Screenshot displaying AWS IoT platform connection configuration in N3uron’s MQTT module panel

Publish Data Using N3uron’s MQTT Module

  • Step 01: Within the Model panel, right-click on the AWS Connection you have just configured, select New Publisher, and give it a name. In this example, we will simply use Publisher.
  • Step 02: Click on it and add a name in the Topic field. In this example, we have used N3uron.
  • Step 03: Click on the Tag Filter button, select New Tag Filter, and change the default name. In this example we have used Filter. Leave Mode, Path, and Regex pattern as their default values. With this configuration, every tag configured in N3uron will be published to our AWS Broker.
Screenshot displaying the publisher configuration setting in N3uron's MQTT module panel

Screenshot displaying the publisher configuration setting  in N3uron’s MQTT module panel

  • Step 04: In the Explorer panel, select Tags.
  • Step 05: In the Model menu, right-click on the folder icon, select New Tag, and give it a name. In this example, we will use Process_value.
  • Step 06: Within the Configuration panel, set the following properties using the values shown below, leaving the rest of them as their default values:
    Type: Number.
    Simulation/Enabled: Yes
Screenshot displaying the tag configuration settings in N3uron's MQTT module panel

Screenshot displaying the tag configuration settings in N3uron’s MQTT module panel

  • Step 07: Go to the AWS IoT console and in the left-hand menu, select MQTT test client.
  • Step 08: Click on the Subscribe to a topic tab, enter # in the Topic filter to subscribe to everything, and click on Subscribe. Within a few seconds you should see the messages published to the N3uron/Process_Value topic that corresponds to our previous configuration.
Screenshot displaying the MQTT test client panel in the Amazon IoT platform

Screenshot displaying the MQTT test client panel in the Amazon IoT platform

Subscribe to a Topic Using N3uron’s MQTT Module

  • Step 01: In the Model panel, right-click on the AWS Connection, select New Subscriber, and give it a name. In this example, we will simply use Subscriber.
  • Step 02: Click on it and add a name in the Topic field. In this example, we have used Test2.
  • Step 03: Set the following properties using the values shown below, leaving the rest of them as their default values:
    Qos: Qos 0.
    Encoding: UTF8
    Compression: None
    Serialization: JSON
    Data parser/Type: MqttClient JSON
Screenshot displaying the subscriber configuration settings in N3uron's MQTT module panel

Screenshot displaying the subscriber configuration settings in N3uron’s MQTT module panel

  • Step 04: Within the Explorer panel, select Tags.
  • Step 05: In the Model menu, right-click on the folder icon, select New Tag, and give it a name. In this example, we will use Subscribed_value.
  • Step 06: In the Configuration panel, set the following properties using the values shown below, leaving the rest of them as their default values:
    Type: Number.
    Source/Enabled: Yes
    Module Type: MqttClient
    Module name: MQTT
    Config/Subscriber: AWS/Subscribe.
  • Step 07: Click on Save.
Screenshot displaying the subscribed tag configuration settings in N3uron's WebUI interface

Screenshot displaying the subscribed tag configuration settings in N3uron’s WebUI interface

  • Step 08: Go to the AWS IoT Console and in the left-hand menu select MQTT test client.
  • Step 09: Click on the Publish to a topic tab, enter Test2 in the Topic filter, and enter the following in Message Payload:

{

      “/Subscribed_value”: [{

            “v”: 3.14159,

            “q”: 192,

            “ts”: 1630668488618

      }]

}

  • Step 10: Click on the Publish button.
  • Step 11: Go back to the N3uron WebUI interface and in the left-hand panel, select Data/Real Time. You should now see the Subscribed_Value tag you created before with a value of 3.14159.
Screenshot displaying real-time values in N3uron's WebUI interface

Screenshot displaying real-time values in N3uron’s WebUI interface

Create a Writer Using N3uron’s MQTT Module

Writers are similar to Subscribers, the main difference between them being that Writers issue a write command to the underlying data provider for a specific tag, while a Subscriber acts directly as a data provider.

  • Step 01: Within the Model panel, right-click on the AWS Connection, select New Writer, and give it a name. In this example, we will simply use Writer.
  • Step 02: Click on it and add a name in the Topic field. In this example, we have used Test.
  • Step 03: Set the following properties using the values shown below, leaving the rest of them as their default values:
    Qos: Qos 0.
    Serialization: JSON
    Data Structure: Compact
    Compression: None
    Encoding: UTF8
  • Step 04: Click on the Tag Filter button, select New Tag Filter, and change the default name. In this example, we have used Filter.
  • Step 05: Enter /Setpoint in the Path field and leave Mode & Regex pattern as their default values.
Screenshot displaying the writer configuration settings in N3uron's MQTT module panel

Screenshot displaying the writer configuration settings in N3uron’s MQTT module panel

  • Step 06: Within the Explorer panel, select Tags.
  • Step 07: In the Model menu, right-click on the folder icon, select New Tag, and give it a name. In this example, we will use Setpoint.
  • Step 08: In the Configuration panel, set the following properties using the values shown below, leaving the rest of them as their default values:
    Type: Number.
    Source/Enabled: No
    Client access: Read/Write
  • Step 09: Click on Save.

Screenshot displaying the writer tag configuration settings in N3uron’s WebUI interface

  • Step 01: Go to the AWS IoT console and in the left-hand menu, select MQTT test client.
  • Step 02: Click on the Publish to a topic tab, enter Test in the Topic filter, and enter the following in the Message Payload:

{

      “/Setpoint”: 25.8

}

  • Step 03: Click on the Publish button.
  • Step 04: Go back to the N3uron WebUI interface and in the left-hand panel, select Data/Real Time. You should now see the Setpoint tag you created before with a value of 25.8.

Conclusion: How to Connect AWS IoT Using N3uron’s MQTT Module

Connecting your assets to the AWS infrastructure is extremely easy using N3uron’s MQTT Client module. If you’re ready to go using MQTT, download the N3uron free trial version and read our MQTT Client Manual on how to implement and use N3uron’s MQTT software module on our communication platform. Download the MQTT Client Manual.

AWS IoTMQTT

Jose Granero

Jose Granero is Head of Customer Success at N3uron Connectivity Systems. He holds a Master of Science degree in Industrial Engineering from the Polytechnic University of Madrid and a Master in Project Management from the School of Industrial Engineers of Madrid. With a strong background in industrial automation and telecommunications, he has performed diverse roles during his career, such as IT/OT Systems Manager and O&M Area Manager, mainly in multinational companies. In his current role, he leads the customer success team, overseeing the customer journey from onboarding to provide the best customer experience.

    Sign-up for our newsfeed and get blog updates sent straight to your inbox.

    By clicking “Sign Me Up,” you agree to the Term of Use and the submission and processing of your data. Privacy Policy.

    Want to stay up-to-date with us?

    Sign up for our News Feed.

    By clicking "Sign Me Up", you agree to the Terms of Use and the submission and processing of your data. Your privacy is important to us. We will never sell or rent your information. Privacy Policy.