© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Once you have created an AWS account and specified your permissions, you can proceed with the getting started
information included in the following sections of this guide to configure and use your ADTRAN 7310-8 gateway
with the AWS IoT Core for LoRaWAN.
5.
Getting Started with ADTRAN’s 7310-8 Gateway
The following sections outline the necessary steps to configure and register the ADTRAN 7310-8 gateway and any
additional endpoint devices with the AWS IoT Core for LoRaWAN.
5.1 Getting Started Configuration Overview
To get started with the AWS IoT Core for LoRaWAN, you will need to configure the IAM roles and policies for the
Configuration and Update Server (CUPS) and AWS IoT destination role, register the LoRaWAN gateway with the
AWS IoT Core, and add any LoRaWAN endpoint devices to the AWS IoT Core.
The following sections describe the steps necessary to configure the 7310-8 gateway and additional endpoint
devices for use with the AWS IoT Core for LoRaWAN:
•
Configuring Roles and Policies in IAM
•
Registering the LoRaWAN Gateway with AWS IoT
•
Adding a LoRaWAN Endpoint Device to AWS IoT
NOTE
:
The examples in this document are intended only for dev environments. All devices in your fleet must have
credentials with privileges that authorize only intended actions on specific resources. The specific permission
policies can vary for your use case. Identify the permission policies that best meet your business and security
requirements. For more information, refer to
5.2 Configuring Roles and Policies in IAM
Two steps are required for configuring roles and policies in IAM. First, you must create an IAM role for the
Configuration and Update Server (CUPS) and review its associated policies, and then you must create an AWS IoT
Core destination role and review its associated policies. The steps required to create these roles and policies are
detailed in the following sections.
5.2.1 Adding an IAM Role for CUPS server
The first role to be configured for the AWS account is the IAM role for the CUPS server. This role allows the server
to handle the wireless gateway credentials. This procedure must be performed before a LoRaWAN gateway
attempts to connect with the AWS IoT Core for LoRaWAN, but only needs to be completed once.
To configure the IAM role for the CUPS server, connect to the
page on the IAM console and follow these
steps:
1.
From the
page on the IAM console select
Create Role
.
2.
In the
Create Role
menu, under
Select type of trusted entity
, select
Another AWS Account
.
3.
Enter your account ID in the
Account ID
field and select
Next: Permissions
.
4.
In the
Permissions
menu, enter
AWSIoTWirelessGatewayCertManager
in the
Filter Policies
search field
and select search. If the search results display the policy named
AWSIoTWirelessGatewayCertManager
,
select the check box next to that policy name and proceed to Step 5 to create the role.
If the search results do not include the
AWSIoTWirelessGatewayCertManager
policy, you must create the
policy before creating the role. Create the policy by following these steps:
a.
and select
Policies
from the menu on the left.
b.
In the
Policies
menu, select
Create Policy
and then the
JSON
tab. Selecting the
JSON
tab will
open the policy editor where you will replace the existing policy template with the following trust
policy information:
{
"Version": "2012-10-17",
"Statement": [
