Page History

...

Create an AWS EC2 Keypair to be used for SSH access to the EC2 instance
- https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/create-key-pairs.html
Set up an AWS Virtual Private Cloud (VPC) for the EC2 instance
- https://docs.aws.amazon.com/vpc/latest/userguide/create-vpc.html
Set up a network interface for the EC2 instance
- https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/create-network-interface.html
- Note this network interface must be able to reach the MQTT Server that will be used with IoT Bridge for Snowflake. So, a Network Subnet, ACLs, Route Table, and an Internet Gateway will also need to be set up to make this possible.
Set up a EC2 Security Group with the following rules and bind it to the EC2 instance deployed with IoT Bridge for Snowflake: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-security-group.html
- - Inbound SSH Connection (port 22)
    - For IoT Bridge for Snowflake configuration and debugging
  - Outbound MQTT Connection (port 1883 or port 8883 depending on MQTT configuration)
  - Outbound Sitewise Connection (port 443)

Set up an AWS IAM policy with the following permissions, attached it to an EC2 instance role, and attach the instance role to the EC2 instance once it is created. Make sure to replace AWS_REGION and AWS_ACCOUNT_ID with your AWS region and AWS account ID.

Code Block

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "iotsitewise:CreateAssetModel",
                "iotsitewise:ListAssets",
                "iotsitewise:ListAssetModels"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "iotsitewise:DeleteAssetModel",
                "iotsitewise:DescribeAssetModel",
                "iotsitewise:UpdateAssetModel"
            ],
            "Resource": "arn:aws:iotsitewise:AWS_REGION:AWS_ACCOUNT_ID:asset-model/*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "iotsitewise: AssociateAssets",
                "iotsitewise: BatchPutAssetPropertyValue",
                "iotsitewise: DeleteAsset",
                "iotsitewise: DescribeAsset",
                "iotsitewise: DisassociateAssets",
                "iotsitewise: GetAssetPropertyAggregates",
                "iotsitewise: GetAssetPropertyValue",
                "iotsitewise: GetAssetPropertyValueHistory",
                "iotsitewise: ListAssociatedAssets",
                "iotsitewise: UpdateAsset",
                "iotsitewise: UpdateAssetProperty"
            ],
            "Resource": "arn:aws:iotsitewise:AWS_REGION:AWS_ACCOUNT_ID:asset/*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "iotsitewise:CreateAsset",
                "iotsitewise:ListTagsForResource",
                "iotsitewise:TagResource",
                "iotsitewise:UntagResource"
            ],
            "Resource": [
                "arn:aws:iotsitewise:AWS_REGION:AWS_ACCOUNT_ID:asset-model/*",
                "arn:aws:iotsitewise:AWS_REGION:AWS_ACCOUNT_ID:asset/*"
            ]
        }
    ]
}

Deploy an EC2 instance using the IoT Bridge for Sitewise AMI using the components created above.

...

Contents

Cirrus Link Resources

Inductive Resources

Versions Compared

Old Version 19

New Version 20

Key