Tetra IoT Layer Post-Deployment Tasks
After the Tetra IoT Layer is deployed, you must perform these post-deployment tasks.
Configure a DNS Record to Point to the Loadbalancer
Create a DNS record iot.<platform URL>
and point it to the CNAME record of IoT stack's loadbalancer.
Update iot s3 Bucket Permissions
Once the stack installation is complete, we need to allow Tetra IoT Layer EC2 instance write data to DIP iot bucket. To do this, complete the following steps.
- In AWS Console, go to EC2 → Instances.
- Select the iot-emq instance.
- Under Details tab, click on IAM Role link.
- Copy the Role ARN.
- Go to Amazon S3 and open
<DIP stack>
-iot bucket. - Open the Permissions tab and edit the Bucket policy.
- Add below policy statement by replacing EC2 role ARN copied in step 4.
- Click Save changes.
{ "Version": "2012-10-17", "Statement": [ { "Sid": "iot", "Effect": "Allow", "Principal": { "AWS": "{ROLE ARN FROM STEP 4}" }, "Action": [ "s3:PutObject", "s3:PutObjectAcl" ], "Resource": "arn:aws:s3:::{BUCKET NAME}/*", "Condition": { "StringLike": { "s3:x-amz-acl": "bucket-owner-full-control" } } } ] }
Change default login (UI) password
The web UI URL will be https://iot.<TDP DOMAIN>:8189/
- Login to UI with the default user
admin@tetrascience
. (Request the credentials from Tetrascience.) - Go to Users and click on Edit next to the
admin
username. - Enter a new password and save. (You might need to enter a mobile number before saving the password.)
Create an account for API access
- Go to Users page in above UI and click on New User.
- Set the following values and click on Save.
- User Name: api
- New password: Set a new password
- Name: api
- User Type: Administrator
- Mobile Number: 1
- In AWS Console, Go to Systems manager --> Parameter store. Add the parameters listed below.
Parameter name | Type | Value |
---|---|---|
/tetrascience/production/ECS/ts-service-anylink/ANYLINK_USERNAME | Secure string | api |
/tetrascience/production/ECS/ts-service-anylink/ANYLINK_PASSWORD | Secure string | The password of api user |
- Restart
ts-service-anylink-tls
ECS service
Updated about 1 year ago