Integration to Azure Event Grid
Introduction
Microsoft announced integration to Azure Event Grid via native MQTT v3.1.1 and v5 as a preview. With this option, you will be able to communicate with your Azure Event Grid directly without the need to go through the Azure IoT Hub. In addition this will allow you to use Crosser to integrate devices/assets from the edge side as well as services and applications on the cloud side.
Read more: https://learn.microsoft.com/en-us/azure/event-grid/mqtt-overview
In this article we will explain how you can use Crosser’s MQTT Modules to build integration to your Azure Event Grid via MQTT.
Prerequisites
If you do not have an Azure Event Grid, follow the How-to guide from Microsoft in order to create one. https://learn.microsoft.com/en-us/azure/event-grid/mqtt-publish-and-subscribe-portal
For the test setup we follow the instructions from Microsoft above with self-signed certificates and ‘Subject Matches Authentication Name’ for ‘Client Certificate Authentication Validation Scheme’.
Once you have created your Azure Event Grid Namespace, you can use any MQTT client to verify the setup. Note that the username in the MQTT client must match the CN name of the used certificate.
Flow and module setup
To verify the integration it is sufficient if we just use simulated data from the Data Generator and send simple values (pressure, temp) to the Event Grid.
MQTT Pub Client Settings
Currently the modules use MQTT v3.11, we plan to introduce support for MQTT v5 in the future
- Topic: topicspace/topic1
Use the topic that you have create in your Azure Event Grid Namespace - URL: something.westeurope-1.ts.eventgrid.azure.net
The URL of your Azure Event Grid Namespace - Port: 8883
Predefined by Azure - Use TLS: yes
Required - Allow untrusted certificates: yes
Required since we use self-signed certificates - ClientId: your-client-id
We use the CN name from the certificate here, might be different according to your client authentication logic in Azure Event Grid Namespace - Client Certificate: your-client-certificate
Note: The MQTT Modules requires a pem certificate file which includes the client-certifcate and client-key. This can be generated for example with OpenSSL:
openssl pkcs12 -export -out client-1.pem -inkey client-1-key.pem -in client-1-cert.pem -certfile ca-cert.pem
-
Create new credential with type ‘certificate’ and upload your combined pem file
User Credentials: your-user-credentials
-
Create a new credential with type ‘Username and Password’ and set the Username = CN-Name from your certificate, leave password empty.
Message Format: JSON
Note: For bi-directional communication or to get data from the Azure Event Grid Namespace and use it to integrate into cloud applications, you can use the MQTT Sub Client module with similar settings as above. This then allows you to publish and subscribe to the Azure Event Grid Namespace.
Test and verify
Once you have gone through the above steps, you can run the flow in a Remote Session. If everything is correct, the MQTT Client Pub module will send the simulated data from your DataGenerator to the Azure Event Grid Namespace. You can now use a MQTT Client tool such as MQTTx or MQTT Explorer to connect another client and subscribe to the topic, the Crosser Client publishes data to.
The debug output in Crosser Cloud should look something like this:
Using the MQTTx client and subscribing to the above topic, we can see the published output.
Conclusion
The possibility to connect to the Azure Event Grid Namespace directly allows you to skip services like the IoT Hub. Thanks to the simplicity of the low-code approach, you can now build organization-wide, domain independent integrations between OT-IT and IT-IT. Use one platform to build smart integrations between the Azure Event Grid Namespace, your OT environment, cloud services, storages and other applications.