Tetra IoT Layer Post-Deployment Tasks

After the Tetra IoT Layer is deployed, you must perform these post-deployment tasks.

Configure a DNS Record to Point to the Loadbalancer

Create a DNS record iot.<platform URL> and point it to the CNAME record of IoT stack's loadbalancer.

Update iot s3 Bucket Permissions

Once the stack installation is complete, we need to allow Tetra IoT Layer EC2 instance write data to DIP iot bucket. To do this, complete the following steps.

  1. In AWS Console, go to EC2 → Instances.
  2. Select the iot-emq instance.
  3. Under Details tab, click on IAM Role link.
  4. Copy the Role ARN.
  5. Go to Amazon S3 and open <DIP stack>-iot bucket.
  6. Open the Permissions tab and edit the Bucket policy.
  7. Add below policy statement by replacing EC2 role ARN copied in step 4.
  8. Click Save changes.
        "Version": "2012-10-17",
        "Statement": [
                "Sid": "iot",
                "Effect": "Allow",
                "Principal": {
                    "AWS": "{ROLE ARN FROM STEP 4}"
                "Action": [
                "Resource": "arn:aws:s3:::{BUCKET NAME}/*",
                "Condition": {
                    "StringLike": {
                        "s3:x-amz-acl": "bucket-owner-full-control"

Change default login (UI) password

The web UI URL will be https://iot.<TDP DOMAIN>:8189/

  1. Login to UI with the default user admin@tetrascience. (Request the credentials from Tetrascience.)
  2. Go to Users and click on Edit next to the admin username.
  3. Enter a new password and save. (You might need to enter a mobile number before saving the password.)

Change default API password

  1. Get user token with default credentials

URL: https://iot.<TDP DOMAIN>:8443/user/login
Request type: POST
Data (JSON):

    "name": "tetrascience",
    "password": "<request from Tetrascience>",
    "hash": "tetrascience"
  1. Change the password

URL: https://iot.<TDP DOMAIN>:8443/user/password
Request type: PUT

token: from step 1
password: new password
hash: tetrascience

Example URL: https://iot.<TDP DOMAIN>:8443/user/password?token=<token>&hash=tetrascience&password=<new password>

  1. In AWS Console --> Systems manager --> Parameter store. Add the parameters listed below.
Parameter nameTypeValue
/tetrascience/production/ECS/ts-service-anylink/ANYLINK_USERNAMESecure stringtetrascience
/tetrascience/production/ECS/ts-service-anylink/ANYLINK_PASSWORDSecure stringnew password
  1. Restart ts-service-anylink-tls ECS service