RediGate to AWS IoT

Introduction

In this tutorial, we will be demonstrating connectivity to the AWS IoT platform (https://aws.amazon.com/iot/). We will use a RediGate 120e with internet connectivity to demonstrate this connectivity, but this tutorial can be applied to any RediGate device with internet connectivity.

Example 1 : Publishing Simulated Data to AWS IoT

Pre-Requisites

  1. A RediGate 100 or 400 series device with internet connectivity
  2. Completion of the Getting Started Guide for your respective RediGate device (RediGate 100 Series or RediGate 400 Series)
  3. AWS account with the AWS IoT service enabled (https://aws.amazon.com/iot/)
  4. Ability to ping the internet (using DNS, so an address like google.com) from your RediGate

Instructions

  1. Using ACE, Open the default configuration you used in the "Getting Started Guide".
  2. Download and open Elecsys-AWS-Demo.xml from the http://partner.elecsyscorp.com site (AWS IoT Platform example) within the same ACE window.
  3. In your default configuration, enable the DNS Client object by setting its Enabled checkbox.


  4. Disable Virtual Unit 3 by clearing its Enabled checkbox.


  5. Copy and paste the following objects from the Elecsys-AWS-Demo.xml config into your default configuration:
    1. TLS Tunnels  (paste under Networks)


    2. FieldUnitInternalMast2 (paste under NullCircuit)


    3. VirtualRW Unit 4 (paste under NullCircuit)


    4. Data Simulator (paste under Internal Channel 15)


    5. MQTT Client (paste under Clients)

    6. NTP Client (paste under Clients). This insures that your RediGate has the correct system time, which is important for the TLS certificates. 



    7. The ${GATEWAY} parameter in your MQTT Client's "Last Will Topic" references the System → Unit Name value. For this example, change the Unit Name to "RG-AWS".




  6. Copy Table data from the Elecsys-AWS-Demo.xml Internal Channel 15 → Scan Table into your RediGate Configuration (in Internal Channel 15, open Scan Table, right-click and select Paste, over-write data). 





  7. Edit your TLS Tunnels → STUNNEL Parameters object so that the "Connect To" field matches the end point in your AWS IoT system.
    (In AWS IoT Platform, see "Settings" for the "Custom endpoint" name.)


  8. Create a device (or "Thing") for the RediGate in AWS, and move the Certificate, Private Key, and CA files from the "Thing" to your RediGate configuration:
    1. Create a new "Thing" in AWS IoT Registry:


    2. Give your thing a name, and select "Create Thing"


    3. Select Security → Create Certificate


    4. Download all of the keys and the root CA to your computer.


      Click the "Activate" button to activate the certificate.




    5. Click on "Attach a policy" and create or attach an authorization policy to this device certificate:


    6. The screenshot below shows a policy that allows the RediGate to publish, subscribe, and connect to any topic:


      Here is the text of the example policy code to include in the policy. Click on "Advanced mode" and copy the following into the Policy statement section (replace existing contents):

      { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "iot:Publish", "iot:Connect", "iot:Subscribe", "iot:Receive" ], "Resource": [ "*" ] } ] }


    7. Confirm that your Thing's certificate has the correct policy attached to it:


    8. Save and upload your configuration, certification, private key, and CA to the RediGate:


    9. Connect to the RediGate as "root" using Putty (email us at idc-support@elecsyscorp.com for the default root password), and move the TLS files from the upload directory to /etc/stunnel. Use the commands:
      cd /home/director
      mv cert.crt /etc/stunnel
      mv ca.pem /etc/stunnel
      mv privkey.key /etc/stunnel

      NOTE: If the files you uploaded are not located in the /home/director  folder, check the  /home/Dirupld  folder.



    10. Finally, reboot the RediGate with the command:  reboot

  9. After the RediGate reboot, log in as "user" and verify that it has connected to the AWS IoT broker using the menu option 3 → 17.


Your RediGate will publish data every ~10 minutes since the scan rate value for "Internal Channel 15" is set to 600 seconds. If you would like to see data updated more quickly (the screenshot below has data updating every 10 seconds), you can lower that value and view the data being published in AWS using the "Test" tool

Select "Test", then "Subscribe to a topic".

Enter "RG/#" for the Subscribe topic, and click the "Subscribe to topic" button.

The data published from the RediGate should appear here whenever it is published, as shown below.

Example 2: Sending Data from AWS to Field Device

Once your RediGate is successfully publishing data to AWS, the next step is to subscribe to commands sent from AWS to the field devices connected to the RediGate. Details on the JSON structure that the RediGate expects to receive can be found in the JSON-RBE MQTT Payload Format document. The steps below outline how to write data to an integer tag under a virtual field unit:

  1. Open AWS IoT "Test" Application and select "Publish to a topic."

  2. Enter following values:

    Publish Topic:   RG/RG-120C/Channel15_VirtualRW/CMD or RG/${GATEWAY NAME}/${CHANNEL NAME}_${DEVICE OR RTU NAME}/CMD

    Payload (replace the text contents with the following:  {"d": {"IntValue": 12345}}

    And click the "Publish to topic" button.



  3. Confirm that the data was written to the RediGate by logging in to the RediGate with Putty and accessing MQTT Client Diagnostic screen (Option 3 → 17). Here you should see a value in the "Last Recv Topic" that looks similar to the screenshot below:

The value that you published should be saved in the Internal Channel 15 → Virtual RTU 4 → RTDB → Register 30001. See Accessing RTDB Data Dump for info on viewing RTDB values in the RediGate