Put the MQTT binding into debug or trace level logging to get more information about what the binding it doing.
There needs to be only one broker in the system.
You need to have details about the broker running on AWS and what it requires to connect to it. That is where the username, password, certificates, etc are dictated.