Connecting IoT Projects to AWS (and Avoiding Winged Monkeys)
As IoT security is as big a concern as ever, explore this combination of tools and templates to connect to the cloud while avoiding wicked witches.
“Behind every cloud,” Judy Garland once said, “there is another cloud.” If you had never heard of The Wizard of Oz, you could be forgiven for assuming Garland was referring to the plethora of cloud services platforms which populate today's market.
There are many ways in which a cloud computing infrastructure can be leveraged to collate business intelligence in a reliable and affordable way. Amazon Web Services' foray into the IoT realm has afforded businesses the opportunity to securely manage data harvested from the IoT edge. AWS’ integration of various services (databases, alerting, functions, etc) makes it easy to make sense of the data. However, the yellow brick road of connectivity from the edge to the cloud is full of challenges.
In this series of blog posts, we will start, like many on the initial foray into IoT, by showing you how to avoid the winged monkeys of cyber security. All you need is an AWS account, an AWS CloudFormation template, and an iSimplyConnect account.
Security is the most important issue to consider when connecting a 'thing' to any network. Gartner states that approximately 8.4 billion connected 'things' will have been active worldwide this year at a cost of $2 trillion. In a previous blog post, Asavie's Keith O'Byrne expressed his concerns about the unsecured and unattended nature of many of these devices, how they are vulnerable to hackers (winged monkeys) and therefore easily compromised.
AWS has done a fine job of securing the cloud and providing a secure means to identify devices and to protect data in transit over the public internet. The IoT endpoints, however, are exposed and visible to cyber threats due to the public nature of the internet.
Winged monkeys are not the only challenge. By manually connecting a device to the cloud, you are taking on the costs and responsibilities associated with running in-house security operations and monitoring system activity around the clock. This means additional spending, including hiring new staff to manage the IoT project.
Enter Asavie and their IoT connectivity management platform, Asavie PassBridge. PassBridge helps to safeguard devices from hackers by providing private connectivity off the public internet.
The Turning Point
With the clever use of an AWS CloudFormation template and an iSimplyConnect account, IoT developers can create a managed, private, and secure connectivity service for less than the price of a movie ticket, freeing them up to concentrate on key aspects of their IoT projects.
Deploying the AWS VPC
The AWS CloudFormation template is available to download from the Asavie GitHub. It creates EC2 instances in the Virtual Private Cloud (VPC), equipped with your Asavie PassBridge network connector and an AWS MQ Telemetry Transport (MQTT) broker, enabling you to easily consume the AWS IoT service from within the AWS VPC.
Configuring the Asavie Network Connector
Configuring the Asavie network connector is straightforward. Log into your Windows EC2 instance using the EC2 Key Pair provided as part of the creation setup on the VPC. AWS provides its own instructions on connecting to your Windows instance.
Once logged into the Windows EC2 instance, the next step is to download and connect the Asavie Network Connector. To do this, ensure that outbound port 443 is open in the “Security Groups” for the EC2 instance. Using a browser, go to iSimplyConnect.com and log in. Under the ‘Network Settings’ tab, follow the instructions to download the Network Connector installer. Once the installer is downloaded, double-click the installer package and enter the activation code. The installer will automatically build the final section of the secure connectivity from the AWS VPC to the Asavie PassBridge. Cue music, roll titles...
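A check for the security group step above, as an added example that is not part of the original article or Asavie's template: it audits a security group description (the JSON shape returned by the AWS CLI's describe-security-groups) for the outbound 443 rule and flags inbound rules open to the whole internet. The sample groups are constructed, RDP on port 3389 is assumed as the Windows login path, and only CIDR-based rules are considered.

```python
import ipaddress

def covers(rule, port):
    """True if the rule's protocol and port range include the given TCP port."""
    proto = rule.get("IpProtocol")
    if proto == "-1":  # "-1" means all protocols and all ports
        return True
    return proto == "tcp" and rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)

def cidrs(rule):
    """All IPv4 and IPv6 CIDR ranges named by a rule."""
    return ([r["CidrIp"] for r in rule.get("IpRanges", [])]
            + [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])])

def is_world(cidr):
    """True for 0.0.0.0/0 and ::/0."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def audit_group(group):
    """Return a list of findings for one security group description."""
    findings = []
    egress = group.get("IpPermissionsEgress", [])
    if not any(covers(r, 443) and cidrs(r) for r in egress):
        findings.append("no-egress-443")  # the article's step needs outbound 443
    for rule in group.get("IpPermissions", []):
        if any(is_world(c) for c in cidrs(rule)):
            findings.append("rdp-open-to-world" if covers(rule, 3389)
                            else "ingress-open-to-world")
    return findings

# Constructed sample data, not taken from the Asavie template.
LOCKED_DOWN = {
    "GroupId": "sg-EXAMPLE-good",
    "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
                       "IpRanges": [{"CidrIp": "203.0.113.10/32"}]}],
    "IpPermissionsEgress": [{"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
                             "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],
}
EXPOSED = {
    "GroupId": "sg-EXAMPLE-bad",
    "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
                       "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],
    "IpPermissionsEgress": [{"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
                             "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],
}

if __name__ == "__main__":
    for g in (LOCKED_DOWN, EXPOSED):
        print(g["GroupId"], audit_group(g) or "ok")
```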
Unlike pre-war Hollywood Cinema, Asavie’s approach to connectivity involves no drama, as it enables IoT developers to secure their devices to the edge in a hassle-free manner and connect them seamlessly from anywhere in the world to AWS. You can wake up in the morning, safe in the knowledge that not only is there no place like home, but also that your IoT projects are securely connected and reliably protected from winged monkeys.