How to install MQTT broker on AWS for free

MQTT is a connectivity protocol designed specifically for machine-to-machine and Internet of Things communication. If you have read our previous post where we create an MQTT broker with a Raspberry Pi, then you might understand the concept a bit more. However, there are some drawbacks with the Pi. For instance, if you want to access the broker from outside your local network, then you need to configure your DNS or have a fixed IP with port forwarding. Also, the Pi will need to be running all the time. Another option would be to host your MQTT broker with a hosting company. This can cost a few ££, but luckily Amazon offers free options for new customers. This post will show you how to create an MQTT broker on AWS EC2 and connect to it from anywhere in the world.

I would also recommend that you get familiar with the MQTT protocol stack by having a look at http://mqtt.org/

At the end of this setup, we will create a basic connection scenario between the MQTT broker and a client.

Launch & Configure your AWS EC2 instance

First of all, if you don’t have an AWS account, you can create a new account on AWS (https://aws.amazon.com). Once created, you will have access to a large number of free services (they are called “Free Tier”).

  • Now that you have your AWS account, log on to the AWS Console and find EC2 in the services section.
  • Select the preferred AWS region and then launch a new instance
  • In the first configuration page, choose Ubuntu
  • In the Instance Type, choose t2.micro as it is under the “Free Tier” category.
  • Then skip ahead to the step where you configure the security policy

At this point we are only going to open port 1883, which carries unencrypted MQTT broker traffic over TCP. This can of course be changed at a later stage.

  • Then launch your instance. Once launched, it will appear in your list of instances.

Connecting to your Instance

To connect to your instance, please read the AWS Documentation. In our case, we will connect using PuTTY. This guide will help you. The username for the instance we just created is: ubuntu


Install and Configure MQTT Broker

  • Run the following two commands:
sudo apt-get update
sudo apt-get install mosquitto mosquitto-clients
  • Enable remote access

The default MQTT configuration only allows connections from localhost. To be able to use the broker to subscribe and publish messages from a remote machine, we need to open port 1883 in the config file. Open the config file:

sudo nano /etc/mosquitto/conf.d/default.conf

Add the following line in the config file

listener 1883
  • Password Protect your MQTT Broker

It is highly recommended that you secure your MQTT broker with a password. To do so, run the following command:

sudo mosquitto_passwd -c /etc/mosquitto/passwd behindthesciences

Replace “behindthesciences” with your own username.
You will then be prompted to enter a password.

The password file then needs to be specified in the config file. Edit the config file:

sudo nano /etc/mosquitto/conf.d/default.conf

Add the following lines in the config file and save it.

allow_anonymous false
password_file /etc/mosquitto/passwd
  • Restart the MQTT Broker
sudo systemctl restart mosquitto
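
As an added example (not part of the original post), the shell check below reads the Mosquitto config edited in the steps above and reports whether `allow_anonymous false` and `password_file` are both in place for the listener. The function names and the sample configs are constructed for illustration, and treating the last occurrence of a directive as its value is a simplifying assumption.

```shell
#!/bin/sh
# Added example: audit Mosquitto config files for the settings from this guide.

# Print the value of directive $1 in the given files (last occurrence wins,
# a simplification). Comment lines never match: their first field starts with "#".
conf_value() {
    key=$1; shift
    awk -v k="$key" '$1 == k { v = $2 } END { if (v != "") print v }' "$@"
}

# Return 0 when anonymous access is explicitly disabled and a password file
# is configured, 1 otherwise. Findings are printed to stdout.
audit_mosquitto_conf() {
    rc=0
    port=$(conf_value listener "$@")
    anon=$(conf_value allow_anonymous "$@")
    pwfile=$(conf_value password_file "$@")

    if [ -n "$port" ]; then
        echo "INFO: listener configured on port $port"
    else
        echo "INFO: no listener directive found"
    fi
    if [ "$anon" != "false" ]; then
        echo "FAIL: allow_anonymous is not set to false"
        rc=1
    fi
    if [ -z "$pwfile" ]; then
        echo "FAIL: no password_file configured"
        rc=1
    fi
    if [ "$port" = "1883" ]; then
        echo "WARN: port 1883 is plain TCP, so credentials cross the network unencrypted"
    fi
    return "$rc"
}

# Constructed sample configs: the file after the "Enable remote access" step
# only, and the file after the password step.
tmp=$(mktemp -d)
printf 'listener 1883\n' > "$tmp/open.conf"
printf 'listener 1883\nallow_anonymous false\npassword_file /etc/mosquitto/passwd\n' \
    > "$tmp/locked.conf"
audit_mosquitto_conf "$tmp/open.conf" || echo "=> open.conf does not explicitly disable anonymous access"
audit_mosquitto_conf "$tmp/locked.conf" && echo "=> locked.conf requires a username and password"
rm -rf "$tmp"
```

On the instance, source the functions and run `audit_mosquitto_conf /etc/mosquitto/conf.d/default.conf` before restarting the broker.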

Test the AWS MQTT Broker

  1. Download MQTT Dash from the Play Store on your Android phone
  2. Find the public IP of your EC2 instance from the AWS console.
  3. Set up MQTT Dash with your EC2 details and create a Text Topic called “test”

Now, in your EC2 PuTTY session, send an MQTT message using the following command and you should receive “hello world” on your phone.

mosquitto_pub -h localhost -t "test" -m "hello world" -u "user" -P "password"

Replace user and password with the ones you set up earlier.

For any questions or comments, please contact us at contact@behindthesciences.com

Please bear in mind that this is the most basic MQTT configuration. On port 1883 the username, password and messages cross the network unencrypted, so to improve security you need to implement SSL.
