#3 Connecting IoT projects securely to AWS cloud

Secure connectivity with AWS

Recipe: Securely connect your IoT data to an AWS MQTT Broker

Ingredients: AWS Account, Asavie Network Connector, AWS CloudFormation template


Get Cooking:

The recipe uses an AWS CloudFormation template* which creates a simple Virtual Private Computer (VPC) equipped with the Asavie Network Connector and a MQTT broker. The script creates an AWS VPC with two EC2 ** instances to allow you to connect your devices to an AWS MQTT broker.

The template creates two EC2 instances:

  1. Instance 1: Asavie Network Connector runs on a Windows Server 2012 R2 instance (t2.micro)
  2. Instance 2: MQTT Broker (t2.micro)

Steps to deploying the AWS VPC

  1. Download the CloudFormation template from Asavie GitHub
  2. Go to CloudFormation stack creation wizard and create a new stack
  3. Upload the previously downloaded CloudFormation json script
  4. Click next and enter:
    1. A stack name
    2. EC2 key pair (previously created or uploaded)
    3. Client IP address subnet (including /32)Fill in the parameters
  5. Click Next, sit back and relax!

1 – Enter the network parameter values

2 – Review the details and accept if correct

3 – Check the uploaded stack template and  select create

Configuring the Asavie Network Connector

When the CloudFormation script has completed successfully you will need to login to the Asavie Network Connector instance to activate and connect it to your private Asavie PassBridge™ network – at this point, RDP access from your office network is allowed.

MQTT stands for MQ Telemetry Transport as defined by mqtt.org. It is a publish/subscribe, extremely simple and lightweight messaging protocol, designed for constrained devices and low-bandwidth, high-latency or unreliable networks. MQTT is often referred to as a machine-to-machine (M2M)/Internet of Things connectivity protocol.

You will need the EC2 KeyPair used to create the VPC (downloaded .pem file) – this will allow you to login to your Windows based Network Connector

Read the AWS instructions at http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/connecting_to_windows_instance.html

You should follow the advice in the guide and change the administrator password from the default value.

  1. In EC2 right click on the network connector instance and click connect
  2. Retrieve your password
  3. Download RDP file
  4. Connect


Download and install the Asavie Network Connector

  • Login into the iSimpyConnect portal and download a copy of the Network Connector installer (under Network Settings tab)
  • Upload the downloaded installer package to the running Windows OS AMI instance
  • On the AMI instance, double click on the installer package and follow the steps as shown below


1 – On the desktop of the Windows Instance you will see an Asavie supplied application

The  application (agent_3.6.3.2701_asavie_en-us_x64.msi) will install, activate and connect your instance to the Asavie PassBridge™ network.

2 – The installer will prompt you for an activation code, which is available through the iSimplyConnect portal.

Note: The activation code, can be retrieved by logging into your iSimplyConnect account.

3 – Job done! The network connector now securely connects your IoT data into AWS

*      The CloudFormation script is supplied “as is” without warranty and is licensed under https://opensource.org/licenses/MIT”>MIT License. You will need an AWS account to deploy your VPC. iSimplyConnect/Asavie is not responsible for any AWS charges incurred. In the template you may need to modify the RegionalInstancesMap for your location.

**      The template is available to download from GitHub at https://github.com/asavie/IoT/blob/master/aws/templates/aws_iot_cf.json – before you run the script you will need to have access to an AWS EC2 Key Pair (including the private key). The Key Pair is used to login to your Linux instance and to decrypt the initial Windows Administrator password for the Asavie Network Connector.

***     If you don’t have a Key Pair or can’t access the Key Pair file, then we suggest you create a new Key Pair and store it securely. Make a note of the Key Pair name as it will be required when you run the CloudFormation script.