Book Image

Learning AWS IoT

By : Agus Kurniawan
Book Image

Learning AWS IoT

By: Agus Kurniawan

Overview of this book

The Internet of Things market increased a lot in the past few years and IoT development and its adoption have showed an upward trend. Analysis and predictions say that Enterprise IoT platforms are the future of IoT. AWS IoT is currently leading the market with its wide range of device support SDKs and versatile management console. This book initially introduces you to the IoT platforms, and how it makes our IoT development easy. It then covers the complete AWS IoT Suite and how it can be used to develop secure communication between internet-connected things such as sensors, actuators, embedded devices, smart applications, and so on. The book also covers the various modules of AWS: AWS Greengrass, AWS device SDKs, AWS IoT Platform, AWS Button, AWS Management consoles, AWS-related CLI, and API references, all with practical use cases. Near the end, the book supplies security-related best practices to make bi-directional communication more secure. When you've finished this book, you'll be up-and-running with the AWS IoT Suite, and building IoT projects.
Table of Contents (14 chapters)
Title Page
Packt Upsell

Setting up AWS IoT for your IoT project

In this section, you will learn how to set up your IoT project, utilizing the AWS IoT platform. The following is a list of steps to build your AWS IoT project:

  1. Register on AWS
  2. Select the IoT device
  3. Register AWS IoT
  4. Create a security certificate
  5. Configure security access

Let's go through these steps.

Creating an AWS account

AWS provides a complete solution to build your enterprise system, starting from a virtual machine and enterprise application, to machine learning and IoT. At the time of writing, Amazon offers a free one year trial access called AWS Free Tier for a newly registered user. You can access the full features with the limited scheme. You can register a new AWS account and get a free one year trial access at

Most AWS can be accessed with the AWS Free Tier scheme. I recommend you do so. The AWS Free Tier registration page is shown in the following screenshot:

Selecting an IoT device

The next step is to select your IoT device. Each IoT device has unique capabilities. I suggest that you use the IoT device platform that is recommended by Amazon to minimize problems while developing and deploying. You can use one of the listed devices from Based on my experience, the Raspberry Pi board or IoT board with the Linux platform is easier, because most AWS IoT Device SDKs are supported.

I will show how various IoT device platforms access AWS IoT, with specific scenarios in this book. Register an IoT device for AWS IoT after you have decided what IoT device model is to be implemented. You should register it in order to obtain access rights in AWS IoT. You can register your IoT device on AWS IoT Management Console with the following steps:

  1. Navigate to You should see a form as shown in the following screenshot:

  1. Select the Onboard option from the left-hand menu. You can click on the Get started button within the Configuring a device section, which is shown by an arrow in the preceding screenshot.

Then, you will get information about connecting IoT device to AWS IoT, as shown       in the following screenshot:

  1. Select the development platform of the IoT device and AWS IoT SDK. In this scenario, I use Linux/OSX with Node.js for AWS IoT SDK:
  1. Now we create our IoT device name. You should define the IoT device type. To do so, you click on the Create a type button:

  1. Fill out the IoT device type and its description. You may define IoT device attributes. For a demo, we define the following two attributes as shown in the following screenshot:
    • name
    • device-value

If done, save this IoT device type.

  1. Then, go back to your IoT device registering. Fill out the IoT device name and its type. I filled macos-computer in the Name field, as shown in the following screenshot:

  1. If done, you should see your IoT device on the Manage | Things menu:

You can add additional IoT devices to simulate the AWS IoT scenario.

Creating a security certificate

Before we use AWS IoT, we should create a security certificate. Then, this certificate will be attached to our registered IoT device. Follow these steps:

  1. On AWS IoT Management Console, open your IoT device. Click on the Security option on the left-hand menu. You should see a form, as shown in the following screenshot:

  1. You should see a Create certificate button. Click on this button. Then, AWS IoT will generate private and public keys for your IoT device. Please download all certificate and key files:

These certificate and key files will be used in our program to access the  AWS IoT server. You should get four files, as follows:

    • Certificate file (*.pem)
    • Certificate public key file (*.key)
    • Certificate private key file (*.key)
    • Root certificate (*.pem) or (*.crt)
  1. Put all these files into a folder. Our program will access these files:

The next step is to write a program. We will do so in the next section.

Configuring security access for AWS IoT

Since AWS IoT applies security to protect its system, we should also comply to configure our AWS IoT security. Some steps are taken to configure our AWS IoT security. We will perform the following tasks:

  1. Create a policy
  2. Attach a policy to the IoT device certificate
  3. Attach the IoT thing to the certificate

To create a policy on AWS IoT, perform the following steps:

  1. Click the Policies sub-menu from the Secure menu, as shown in the following screenshot:

  1. Then, you should see a Create a policy button. Click on this button.
  2. Fill in your policy name. You should add three policy statements, as follows:
    • iot:Connect
    • iot:Subscribe
    • iot:Publish
  1. Don't forget to check the Allow checkbox for all the preceding policy statements:

  1. When done, save your AWS IoT policy. You should see your created policy on the Policies form, as shown in the following screenshot:

  1. The next step is to add our created policy into the IoT device certificate. You can open Secure | Certificates on AWS IoT Management Console. Click on the ellipsis () link so you get a context menu that is shown in the following screenshot. Click on the Attach policy option:

  1. Then, you get a dialog box. Select your created policy. When done, click on the Attach button to execute this task:

  1. The last step is to add our IoT device into a security certificate. Click on the ellipsis () on your certificate so you get a context menu. Select the Attach thing option on context menu:

  1. Select your IoT device and then click on the Attach button to perform this task:

Now your IoT device has a certificate and policy. You can access AWS IoT through the IoT device.