I have tried to configure Gateway to send MQTT messages into AWS cloud and I finally figured out working setup with IoT Core service but I would like to avoid big bills similar like in this thread. AWS pricing in preferred region is $1.20 / million messages / month and with 0.78 Hz sending rate it would be 2 021 760 messages and about $2.43 per month per sensor.
This is when I use MQTT broker and it works like a charm but if I only need one subscriber (which is now true), I can bypass MQTT broker and avoid messaging costs completely with âBasic Ingestâ. That would be achieved by sending messages to topic with â$aws/rulesâ prefix, but when I add dollar sign into topic name, my Lambda authorizer function doesnât run anymore, so I think that Gateway doesnât event try to send messages.
When I try to remove dollar sign from topic name, authorizer function will run again and I will receive correct data through expensive MQTT broker. Is my hunch correct and is it possible to configure Gateway to use topic name which starts with dollar sign?
Hi @TommiFore,
Ruuvi Gateway sends data with MQTT topics started from â$â correctly, but the problem might be on the client side. Since topics started from the â$â interpreted as control messages, they can be filtered out by a server or clients and you need to specify the topic prefix to display it (in âmosquitto_subâ).
For example, I configured my gateway to use the custom prefix â$aws/rules/my_rule/C8:25:2D:8E:9C:2Câ:
I configured my Gateway exactly like you with no success. That is some special case in AWS, which triggers the IoT rule directly without need of explicit subscribing. IoT rule is like action after message has been received. Itâs harder to debug because you canât subscribe to those topics with MQTT test client in AWS console, but you can send test messages to those topics and itâs triggering my rule correctly.
Because the authorizer function doesnât run at all, I would think that it has to be related to connectivity issues. Maybe I need to use some other endpoint URL with those $-prefixed topics. I will continue to investigate documentation and try to solve the issue, which has to be in AWS side. I didnât find working example of this scenario anywhere, but I will get back to forum to tell if I can solve the problem.
And I almost forgotten to thank you guys great products!
Now I can give some extra light to this issue. I tried all given URL possibilities with both encrypted connection methods in Gateway: MQTT over SSL and MQTT over Secure Websocket. There is nothing new to me, only combination that works is MQTT over Secure Websocket, my IoT endpointâs hostname without any extra paths and port 443.
I will assume that you cannot use X.509 client certificate with Gateway while itâs preferred method in AWS side to detect which client is connecting. Without certificate you have to use custom authorizer (= Lambda function, which can restrict by source IP, client ID etc.) and port 443. I think that HTTPS port with MQTT control messages ($-prefixed) might be the issueâŚ
There is a piece of the IoT debug log, where I first have same topic name without $-prefix and messages are published to my MQTT test client in AWS console, because I had subscribed for them. These messages didnât trigger my IoT rule âRuuviâ, because itâs configured only for topics âGateway/#â. When I am reconfiguring my Gateway by adding $-prefix, it published offline and online states accordingly. I donât know why $-prefixed message was marked with log level error and why it doesnât trigger my rule.
But then for two messages, my rule matched and executed correctly. When I have Lambda function to print out event, there is proper payload from Gateway. But after those nothing happens, so Iâm thinking that Gateway âaccidentallyâ sent those first two messages into $-prefixed topic but it doesnât like $-prefixed âcontrol messagesâ targeted into port 443. Is it possible reason or what the heck could cause this issue? Do you have any thoughts @Alexey on this?
EDIT: I searched online and found software MQTTX to publish messages straight into AWS IoT Core. Now I can confirm that any message published into $aws/rules/Ruuvi/ prefixed topic, triggers my IoT rule no matter what. Full connection string can be wss://MY_IOT_ENDPOINT_HOSTNAME/(mqtt):443 so it works with both paths / and /mqtt but only with wss protocol and port 443. According to my investigations my opinion is that Gateway does not send those messages.
