How to integrate TagoIO with AWS IoT Core

This tutorial provides a step-by-step guide to integrate AWS IoT (Network Server) with the TagoIO Platform. By following these instructions, you will enable uplink and downlink operations, allowing data exchange between your LoRaWAN devices and the TagoIO application.

Prerequisites

Before proceeding with the integration, ensure you have the following:

• TagoIO Account: An active TagoIO account. If you don’t have one, sign up here.
• AWS Account: An active AWS account with access to AWS IoT Core.
• LoRaWAN Device: A LoRaWAN-compatible device ready for integration.
• Internet Connectivity: Ensure your device and gateway are connected to the internet.
• Region Information: Determine your deployment region (e.g., us-e1, eu-w1). Refer to the TagoIO Network Integration Regions for available regions.

Official Downlink support from TagoIO SDK is not included for this integration. You are going to need to use TagoIO Analysis to manually perform endpoint request to AWS.

Step 1: Create Authorization in TagoIO

1. Access Authorizations:

   • Go to Devices.

   • Click on Authorizations at the top of the page.

2. Create a New Authorization:

   • Click the Create Authorization button.

   • Provide a meaningful name for the authorization (e.g., AWS-Integration).

   • Click Save.

3. Copy the Authorization Token:

   • After creation, copy the authorization token. You will need this in later steps.

Note : you need to create only one Authorization for all your devices.

Step 2: Set Up Integration in AWS Console

Set up AWS IoT Core to forward data from your LoRaWAN devices to TagoIO.

1. Access AWS IoT Core:

   • Log in to your AWS Management Console.

   • Navigate to AWS IoT Core under the Services menu.

2. Create a New Rule:

   • In the AWS IoT Core dashboard, select Act from the sidebar.

   • Click on Create to initiate a new rule.

3. Define Rule Details:

   • Name: Enter a descriptive name for the rule (e.g., TagoIOIntegrationRule).

   • Description: Provide a brief description.

4. Set Rule Query Statement:

   • In the Rule query statement section, define the SQL-like statement to filter incoming MQTT messages.
     SELECT * FROM ‘device/+/data’

   • Explanation: This statement forwards all messages from topics matching device/{assetID}/data.

   • Reference: For advanced filtering, consult the AWS IoT Rule SQL Reference.

5. Add Action to Forward Data:

   • In the Set one or more actions section, click Add Action.

   • Select Send a message to a downstream HTTPS endpoint and click Configure action.

6. Configure HTTPS Endpoint:

   • Endpoint URL: Use the following format, replacing REGION with your deployment region:
     https://awsiot.middleware.REGION.tago.io/uplink
     Example: https://awsiot.middleware.us-e1.tago.io/uplink

   • Confirmation URL:https://awsiot.middleware.REGION.tago.io/

7. Headers:

   • Key: authorization

   • Value: Paste the authorization token obtained in Step 1.
     {
     “authorization”: “123e4567-e89b-12d3-a456-426614174000”
     }

   • Note: Ensure the endpoint URL matches your deployment region.

8. Specify Endpoint Configuration Based on AWS IoT Service:
   2.1 AWS IoT LoRaWAN
   If you are using AWS IoT LoRaWAN, configure the HTTPS endpoint as follows:
   https://awsiot.middleware.REGION.tago.io/uplink

2.2 AWS IoT Core Broker

If you are using AWS IoT Core Broker, determine how to extract the Asset ID for each device:

• Option 1: Extract from Topic

  • Topic Structure: device/{DeviceUID}/data
  • HTTPS Endpoint:
    https://awsiot.middleware.REGION.tago.io/uplink/${topic(2)}

• Option 2: Extract from MQTT Client ID

  • HTTPS Endpoint:
    https://awsiot.middleware.REGION.tago.io/uplink/${clientid()}
    Recommendation: Use this method if you’re utilizing AWS IoT LoRaWAN.

9. Finalize and Create the Rule:

   • After configuring the HTTPS endpoint, click Create to finalize the rule.
   • Verification: Ensure the rule status is Enabled in the AWS IoT Core dashboard.

Destination example652×500 27.3 KB

Now you can create the rule. After creating the rule, TagoIO will authorize your downstream and you should see “Enabled” in the rule list for your rule at AWS IoT.

Step 3: AWS IoT LoraWAN Additional Steps

With your rule created at Step 2, we are assuming you’re using the endpoint for MQTT ClientID.

• Access your Wireless Connectivity section and click on the Destinations option.
• Click to Add a new destination.
• Enter a Destination name and Destination description of your choice.
• Select Enter a rule name as an option.
• Enter the same rule name from the rule you created at step 2.
• You can skip Rule Configuration as you already did in step 2.
• Set the permissions or create a new service role. It will grant the permissions needed for your device to send data to TagoIO.
• Press Add Destination and you’re done.

AWS IoT LoraWAN example690×433 25.8 KB

Step 4: Add Device in TagoIO

To integrate your device with the TagoIO Platform, follow these guidelines:

1. Ensure Device EUI Consistency:

   • When creating the device in TagoIO, use the exact same Device EUI that is configured in AWS IoT.

   • The Device EUI must match exactly to establish a successful connection between AWS IoT and TagoIO.

2. Select the Appropriate Network and Device Type:

   • Choose the AWS IoT Network during the device setup process.

   • Select the correct device type from the available options. If your device is not listed, you can add support through connectors.

3. Add Device Support via Connectors (If Necessary):

   • If your device type is not available in the default list, enhance its compatibility by utilizing connectors.

   • For more information on available connectors and how to use them, refer to the Connector Overview.

For detailed instructions on adding devices, visit the Adding Devices page.

Finalizing Setup

1. Power On Your Devices:

   • Turn on your LoRaWAN device and gateway to initiate data transmission.

2. Verify Data Reception:

   • In TagoIO, navigate to the Device and into the Data tab to confirm that data is being received.

   • Alternatively, use the Live Inspector within your device settings to monitor incoming data in real-time.

With data successfully flowing into TagoIO, you can start creating dashboards, add notifications, and create scripts to process your data.

Learn how to perform downlink for LoRaWAN.

In Step 2 & 4, are the MQTT ClientID & asset ID - DEVEUI of the LoRaWAN device?

Hi FuJi,

Yes, that’s correct. Usually is much easier if you have the DevEUI in the Client ID.

Keep in mind that the topic in the tutorial is just an example. You must check which topic is being used by your gateway with AWS.

Hi Vitor

How can I confirm that the AWS IoT LoRaWAN middleware is working?

I have configured downstream HTTPS Endpoint in AWS IoT rule as: https://awsiot.middleware.tago.io/uplink/24e12472xxxxxxxxxx.

But I’m not receiving data (verified using the Live Inspector tab in the Device).

Device is working in AWS(verified using AWS IoT network analyzer).

Am I able to test the middleware by making a POST through Postman?

I have tried but received “message”: “Serial Number not found”.

Hello,

when we follow the above directions, we get this error

{
“failedAction”: “HttpAction”,
“failedResource”: "https://awsiot.middleware.tago.io/uplink/631203eb8b5206001a7729a0",
“errorMessage”: "HttpAction failed to make a request to the specified endpoint. Destination for confirmationUrl 'https://awsiot.middleware.tago.io/uplink/631203eb8b5206001a7729a0’ is not enabled. Current status: IN_PROGRESS. Message arrived on: $aws/things/mimic-tagoio-1/shadow/update/accepted, Action: http, url: https://awsiot.middleware.tago.io/uplink/631203eb8b5206001a7729a0"
}

for device

https://admin.tago.io/devices/631203eb8b5206001a7729a0

What are we doing wrong?

Hi All

Oops!

The Rule destination has to be “Enabled” at the last part of Step 2, see attached.

https://docs.aws.amazon.com/iot/latest/developerguide/rule-destination.html

Hi Vitor

I have realized that the build-in AWS IoT Network does not have payload parser to convert the AWS raw payload into TagoIO payload format:

“INFO: Not valid TagoIO payload. Please create a connector for this device and parse the data yourself.”

Can explain why is it so and what will be the roadmap(Didn’t see it in the new TagoIO roadmap page) to support Downlink operations from TagoIO dashboard to AWS? Please see attached for a typical AWS raw payload. It will be good to include this feature.

Hey FuJi,

Thanks for your patience.

If you can open a ticket and address it to me, I can help you out to understand the payload format from AWS IoT Core.

I’m also very interested to get support for downlinks with AWS IoT Core, so we may can try to check if we can have solution that works for you.

After we manually enable the destination for the confirmation URL https://awsiot.middleware.tago.io/

we get

{
“ruleName”: “tagoio”,
“topic”: “$aws/things/mimic-tagoio-1/shadow/update/accepted”,
“cloudwatchTraceId”: “cdc9462a-c678-6827-977c-16cc53730fee”,
“clientId”: “N/A”,
“base64OriginalPayload”: “eyJzdGF0ZSI6eyJyZXBvcnRlZCI6eyJjb2xvciI6ImN5YW4iLCJwb3dlciI6Im9uIiwibWVtIjoyMiwibGlnaHQiOjE0NzYyLCJ0ZW1wIjo1MDAwMH19LCJtZXRhZGF0YSI6eyJyZXBvcnRlZCI6eyJjb2xvciI6eyJ0aW1lc3RhbXAiOjE2NjI2NDQzODh9LCJwb3dlciI6eyJ0aW1lc3RhbXAiOjE2NjI2NDQzODh9LCJtZW0iOnsidGltZXN0YW1wIjoxNjYyNjQ0Mzg4fSwibGlnaHQiOnsidGltZXN0YW1wIjoxNjYyNjQ0Mzg4fSwidGVtcCI6eyJ0aW1lc3RhbXAiOjE2NjI2NDQzODh9fX0sInZlcnNpb24iOjQ5NjMsInRpbWVzdGFtcCI6MTY2MjY0NDM4OH0=”,
“failures”: [
{
“failedAction”: “HttpAction”,
“failedResource”: "https://awsiot.middleware.tago.io/uplink/631203eb8b5206001a7729a0",
“errorMessage”: "HttpAction failed to make a request to the specified endpoint. StatusCode: 400. Reason: Bad Request. Attempts: 1. Message arrived on: $aws/things/mimic-tagoio-1/shadow/update/accepted, Action: http, url: https://awsiot.middleware.tago.io/uplink/631203eb8b5206001a7729a0"
}
]
}

Hey Gambit,

Thanks for your patience.

Did you manage to solve this problem? I can only guess you don’t have a device with the asset ID of 631203eb8b5206001a7729a0. Did you check if you created the device in your TagoIO Account?

Next would be to check if you’re receiving something in the Live Inspector of your device. If not, I would assume this needs more investigation and recommend you open a support ticket.

Vitor,

thank you. The missing piece was “asset ID”. Your instructions talk about device EUID, etc. and we thought

the device ID was enough. Once we added a token with the asset ID equal to the device ID, it works, as

shown in this 2-minute video

https://www.youtube.com/watch?v=VPu3cRr_eFE

Our approach shows routing generic AWS device shadow telemetry to TagoIO.

The next step is to have a payload parser which automatically generates the tags from the device shadow

payload. Can you help? We want to show a video which shows a dashboard that graphs the telemetry.

Regards.

Thank you for providing a video Gambit. Very helpful!

Good morning Vitor,

Could you create a version of this guide for AWS IoT Core for LoRaWAN? The AWS IoT was updated and now it is difficult to find this guide recommendations in the new AWS IoT Core for LoRaWAN.

Regards,

Claudio

The AWS Integration is now updated to v2.0.0, which includes:

1. Support to AWS IoT LoRaWAN integration, specified in the instructions step 2.1

2. When using AWS IoT LoRaWAN, you can now specify the HTTPs endpoint to https://awsiot.middleware.tago.io/uplink. Our integration will automatically identify the devEUI from the AWS payload.