Connecting Your LoRaWAN Devices from The Things Stack to AWS IoT Core
By Johan Stokking, CTO at The Things Industries
By Gaurav Gupta, Sr. Partner Solutions Architect, AWS IoT
By Pedro Mendoza, Sr. EMEA IoT Specialist Solutions Architect at AWS
There is an ever-increasing demand to connect long-range, power-constrained devices to Internet of Things (IoT) services in the cloud.
AWS IoT allows customers to easily and securely connect devices to the cloud and reliably scale to billions of devices and trillions of messages.
LoRa and LoRaWAN are connectivity technologies that are widely adopted due to wide connectivity range, low power consumption requirements, and a large ecosystem of devices.
In this post, we’ll provide an overview of how to integrate a customer’s LoRaWAN devices connected to The Things Stack’s LoRaWAN Network Server (LNS) with the AWS IoT Core service running in their account. This integration enables you to unleash the functionality available in the AWS IoT portfolio of services (and overall AWS ecosystem) for implementing solutions.
TTI is an AWS Select Technology Partner whose mission is to break down the complexities of LoRaWAN development, allowing for integration and interoperability across the supply chain.
Background on LoRaWAN
LoRaWAN is a technology built upon Low Power Wide Area Network (LPWAN) whose specification is managed by the LoRa Alliance.
The whole idea of LPWAN is to allow power-constrained, typically battery operated devices (deployed on the field) to connect to each other using little power and in wide distance ranges by putting a limitation on the bandwidth (<50kbps data rate) used during communication.
LPWAN has demonstrated value in situations where devices can run over batteries for extended periods (>5 years) of time.
LoRaWAN extends LPWAN in order to allow the connection of IoT devices with applications using an infrastructure of gateways and network servers (LNS) acting as intermediate artifacts between the field IoT devices (nodes) and their applications.
Why The Things Stack?
The Things Stack provides an integrated chain of products and services for customers to start working on IoT with the required security (end-to-end encryption, support for hardware security modules). In order to ensure extensibility, it includes support for integrations (API being exposed for third-party extensions and webhook-based extensibility points).
All of these features are offered in a highly-scalable way (vertical and horizontal scalability and multi-region deployments).
The Things Industries supports three different deployment models for enterprise customers:
- As a service: In this deployment model, The Things Stack Cloud and The Things Stack Dedicated Cloud are a fully managed service operated by TTI.
- Private cloud: Here, The Things Stack AWS Launcher runs as a service in the customer’s AWS account.
- On site: In this deployment model, The Things Stack Enterprise is self-managed in the customer’s infrastructure.
All of these deployment models are compatible with AWS IoT Core integration, allowing TTI’s customers to seamlessly connect LoRaWAN devices to AWS IoT Core.
The following diagram details the architecture of the integration. It includes the downlink and uplink data flows between The Things Stack and AWS IoT Core, as well as the use case for claiming/creating a new device in AWS IoT Core and synchronizing it in The Things Stack.
Figure 1 – Connector architecture.
This integration enables end-to-end encryption on the LoRaWAN level—application payload gets encrypted on the end device, and only gets decrypted in the AWS account.
This means your application payload is not exposed to the underlying network layer. It works by generating a key encryption key, a secret stored in AWS Secrets Manager, and by sending that to the Global Join Server operated by TTI. The key encryption key is used to wrap the LoRaWAN AppSKey, as it’s transported from the network layer to the AWS account where it gets unwrapped.
As prerequisites for the integration with AWS IoT Core, you will need to have your account properly set up in The Things Stack. That configuration includes having a gateway, an application, and a device.
You can use the fully managed The Things Stack Cloud, or The Things Stack AWS Launcher, to run everything in your AWS account, or The Things Stack Enterprise. With The Things Stack setup, follow the getting started to add gateways, applications, and devices.
Deploying the Integration
Step 1: Create a New API Key
The first step to deploy the integration is creating an API key in The Things Stack that enables the interaction with The Things Stack’s API.
To create the new API key, select API keys menu in The Things Stack console and then click on + Add API key.
The following permissions are required for the new API key:
- View devices in application.
- View device keys in application.
- Create devices in application.
- Edit device keys in application.
- Edit basic application settings.
- Write downlink application traffic.
- Read application traffic (uplink and downlink).
Make sure you provide an easy to recognize name to the new key and copy its contents, as you will need it later.
Figure 2 – New API key creation in The Things Stack console.
Step 2: Deploy the CloudFormation Template
Now that you have the API key in place, you can proceed with the deployment of the AWS CloudFormation template that implements the connector. In order to do that, go to the CloudFormation console and, after ensuring you are in the region where you want the integration deployed, select Create stack.
Figure 3 – AWS CloudFormation stack creation.
Step 3: Customize Your CloudFormation Stack
Moving forward with the CloudFormation stack creation, you’ll need to provide values for the input parameters based on The Things Stack where your application is created (Cluster Address parameter), as well as the application ID (Application ID parameter) and API key created above (Application API Key parameter).
Please note you should use the API key content, not its name.
Figure 4 – AWS CloudFormation stack input parameters.
Make sure to enable the I acknowledge that AWS CloudFormation might create IAM resources selector in the last step in the CloudFormation stack creation process.
After few minutes, you should have all the required artefacts created in your AWS account.
Testing the Integration
Once the integration is in place, the data flowing from the LoRaWAN devices that are associated to your application will be forwarded to your AWS account through the AWS IoT Core message broker.
Specifically, you will get your decrypted payloads being published on the lorawan/<DevEUI>/uplink topic.
You can easily inspect the traffic coming from The Things Stack by using the AWS IoT console’s MQTT Client to subscribe to the lorawan/# topics.
Figure 5 – Uplink messages reception testing in AWS IoT Core.
Turning Data into Value Within AWS IoT
Now that you’re able to get the data coming from the LoRaWAN devices flowing into AWS IoT Core, the whole AWS ecosystem is available for you to develop your applications and turn that data into business value.
For example, you can use the AWS IoT Analytics service to cleanse that data in order to use the relevant attributes, or enrich it using data from external sources. You can also store it in the AWS IoT Analytics datastore so you can query it for either analysis or visualization purposes.
In our specific use case, we have already configured payload formatters in The Things Stack device’s configuration so we don’t need any additional decoding. We are then able to directly consume the JSON messages coming from The Things Stack.
Our first step for integrating the incoming messages with AWS IoT Analytics is to create a new rule in AWS IoT Core. This rule forwards the messages coming from the lorawan/+/uplink topics to an AWS IoT Analytics channel, and we are also writing the original messages to Amazon CloudWatch Logs for inspection, if required.
Figure 6 – AWS IoT Core’s rules and actions definition.
Next, as part of our AWS IoT Analytics dataset, we’ll select the attributes we want to visualize by using a SQL statement as part of its definition. We’ll also configure that dataset to automatically execute every five minutes so we can always have fresh data for visualization or analytics.
Figure 7 – Configuring a Dataset in AWS IoT Analytics.
Finally, we can have an Amazon QuickSight dashboard rendering the data coming from the AWS IoT Analytics dataset to see the temperature and battery values of the LoRaWAN sensor over time.
Figure 8 – Visualization of data coming from LoRa devices in Amazon QuickSight.
Beyond Ingesting Data
While this post has focused on the data ingestion use case (uplink data flow in LoRaWAN lingo), The Things Stack’s connector does much more than that.
For example, you can send commands (or downlink messages) to the LoRaWAN devices that has support for that, and you can keep the device registry between The Things Stack and AWS IoT synchronized so devices can be created on both sides of the link. You can also claim devices on AWS IoT Core and have that claim request propagating to The Things Stack.
The modular architecture of the connector allows for multiple extension points in order to handle not only uplink messages, but also join requests (activations messages) and leverage the functionality of the device’s shadow documents available in AWS IoT Core.
Please refer to the TTI’s AWS IoT connector documentation for full details on these additional features.
As detailed in this post, customers using The Thing Stack to power their LoRaWAN networks can leverage the integration with AWS IoT Core for cleansing, enriching, storing and visualizing the data coming from their devices.
This integration bridges the benefits of the low-power/wide-range characteristics of LoRa and LoRaWAN technologies with the richness of the AWS platform. IT will enable companies to build solutions that transform the data coming from their devices into valuable business decisions.
Sign up for The Things Stack Cloud and get started today!
The Things Industries – AWS Partner Spotlight
The Things Industries is an AWS Select Technology Partner whose mission is to break down the complexities of LoRaWAN development, allowing for integration and interoperability across the supply chain.
*Already worked with TTI? Rate the Partner
*To review an AWS Partner, you must be a customer that has worked with them directly on a project.