Deploying multiple Internet of Things (IoT) devices at several locations and serving all of their requests takes care if you want high availability and good performance. One approach is to deploy a cloud server with high availability and advanced features. In this chapter, we will get started working with Amazon Web Services (AWS) IoT.
By the end of this chapter, you will know how to:
- Introduce AWS IoT
- Introduce IoT devices and platform for AWS IoT
- Use AWS IoT Management Console
- Use AWS IoT device SDK
- Set up AWS IoT for your IoT project
- Build a program to access AWS IoT
So, let's get started!
In recent years, a lot of IoT boards have been built by either manufacturers or indie makers. Each IoT board offers unique features for building IoT applications that address users' problems. Sensor and actuator devices are attached to these IoT boards to generate data. There is a lot of sensor data from IoT devices that we can analyze.
Suppose we have various IoT boards that are deployed at several locations. Since these IoT devices generate sensor data, we need a backend server with high availability to serve incoming data. In particular cases, we also need to analyze the data to obtain insights. To support this scenario, we need more computing engines, such as storage and machine learning engines.
The general design of the AWS IoT architecture is illustrated in the following figure. There are several components inside AWS IoT, including its endpoints. IoT devices can access AWS IoT through the AWS message broker with their own SDK. AWS IoT also provides SDKs for various IoT device platforms; using an AWS IoT SDK, IoT devices can access AWS IoT directly. We will review some AWS IoT SDKs, including their protocols and APIs, throughout this book. The AWS IoT components are shown in the following image:

From the preceding figure, we can see the following AWS IoT components:
- Message broker: This is basically an AWS IoT endpoint where IoT devices can access the AWS server through the Message Queuing Telemetry Transport (MQTT) protocol. The message broker also supports primitive protocols, such as the HTTP protocol. Your IoT device can send data to AWS IoT through HTTP REST.
- Thing Registry: This manages all the IoT device administration. You can register and configure your IoT devices, including configuring certificates and IoT device IDs.
- Thing Shadows: This refers to a device shadow that has functionalities to keep the current state information for a specific thing in a JSON document.
- Rules Engine: This provides message processing and integration with other AWS services. If you have deployed AWS services, you can apply a rule engine on those services.
Some AWS IoT components will be explored in this book.
The IoT platform can connect to an internet network and interact with other platforms. Generally speaking, talking about the IoT in terms of a device platform is a huge topic. In this section, we review some IoT platforms that interact with AWS IoT.
Technically, we can describe a connectivity model between IoT devices and the AWS IoT backend. We can categorize IoT device platforms into three models based on their supported connectivity. In the first model, an IoT device with network capabilities that supports all the protocols required by AWS IoT can access AWS IoT directly.
Several IoT devices probably have network capabilities, but their supported protocols are not covered by AWS IoT. For this scenario, we need to build a gateway that serves and translates the IoT device protocol to the AWS IoT protocol. This gateway provides some network capabilities, such as Bluetooth, Wi-Fi, XBee, and other RF, in order to serve all exchange of data among IoT devices and AWS IoT servers.
Finally, IoT devices without network capabilities still have a chance to communicate with AWS IoT. There are two methods that we can implement for this scenario. If the IoT device can extend its functionality, we can add a network module with the supported AWS IoT protocol. Another option is to connect this IoT device to a computer. Since a computer usually has capabilities to connect to an external network, we can build a program as a bridge between the IoT device and the AWS IoT backend. The program will interact with the IoT device, for example, by sensing and actuating, and perform a data exchange with the AWS IoT backend.
All the connectivity scenarios that we have so far discussed are illustrated in the following figure:

In the following section, we will explore several IoT device platforms that are widely used on the customer side to communicate with AWS IoT. Amazon also provides a list of AWS IoT starter kits from Amazon partners at https://aws.amazon.com/iot-platform/getting-started/#kits. We will review some devices with the supported AWS IoT platform.
Arduino is a widely used development board. This board is well-known in the embedded community. Mostly, Arduino boards are built using Atmel AVR, but some boards use other Microcontroller Units (MCUs) depending on who is in joint venture with Arduino. Currently, Arduino boards are built by Arduino.
We will review several Arduino boards from Arduino.cc (https://www.arduino.cc/en/Main/Products). We can read a comparison of all the Arduino boards by visiting http://www.arduino.cc/en/Products/Compare. We will review some Arduino boards, such as Arduino Uno, Arduino 101, and Arduino MKR1000:
For further information about the board, I recommend you read the board specification at http://www.arduino.cc/en/Main/ArduinoBoardUno. The Arduino board is shown in the following image:

Since Arduino Uno does not provide network modules, either Ethernet or wireless, we should attach a network module that is supported by AWS IoT to enable it to communicate with other machines.
- Arduino 101 is the same model as Arduino Uno in terms of I/O pins. Arduino 101 runs Intel® Curie™ as its core module. For more information, refer to http://www.intel.com/content/www/us/en/wearables/wearable-soc.html. This board has a built-in Bluetooth module. If you want Arduino 101 to work with a Wi-Fi network, you should add an additional Wi-Fi shield. I recommend using Arduino Wi-Fi Shield 101. For more information, refer to https://store.arduino.cc/genuino-101:

- Arduino Yún is a microcontroller board based on the ATmega32u4 and the Atheros AR9331. This board runs OpenWrt Linux, called LininoOS. Arduino Yún can connect through Ethernet and Wi-Fi modules that are built-in features on the board. For further information on Arduino Yún, you can visit https://store.arduino.cc/arduino-yun. You can see a form of Arduino Yún in the following image:

Arduino also provides another model with a smaller form factor, Arduino Yún Mini. For more information, refer to https://store.arduino.cc/arduino-yun-mini. This board removes the Ethernet socket from the body to give a smaller board size. You can see Arduino Yún Mini in the following image:

The Raspberry Pi is a low-cost credit-card sized computer, created by Eben Upton. It's a mini computer for educational purposes. To see all Raspberry Pi models, you can refer to https://www.raspberrypi.org/products/. Raspberry Pi 3 Model B and Raspberry Pi Zero are described here:

- Raspberry Pi Zero: This is a small computer, half the size of model A+. It runs with a single-core CPU and no network module, but it provides micro HDMI to be connected to a monitor. Since there is no network module in Raspberry Pi Zero, you can extend it by adding a module; for instance, Ethernet USB or Wi-Fi USB to connect to a network. You can see a form of Raspberry Pi Zero in the following image:

BeagleBone Black (BBB) Rev.C is a development kit based on an AM335x processor, which integrates an ARM Cortex™-A8 core operating at up to 1 GHz. BBB is more powerful than Raspberry Pi. The BBB board also provides internal 4 GB 8-bit eMMC onboard flash storage.
BBB supports several OS, such as Debian, Android, and Ubuntu. For more information on BBB, refer to https://beagleboard.org/black:

SeeedStudio BeagleBone Green (BBG) is a joint effort by BeagleBoard.org and Seeed Studio. BBG has the same features as BBB, although the HDMI port is replaced by Grove connectors, so the BBG price is lower than BBB. You can find out more and buy this board at http://www.seeedstudio.com/depot/SeeedStudio-BeagleBone-Green-p-2504.html:

ESP8266 is a low-cost Wi-Fi MCU with full TCP/IP support. It's built by Espressif, a Chinese manufacturer. For further information about this chip, refer to http://espressif.com/en/products/hardware/esp8266ex/overview.
There are many boards based on the ESP8266 chip. The following is a list of board platforms built on top of ESP8266 MCU:
- NodeMCU: This board uses NodeMCU firmware, with Lua as the programming language. For more information, refer to the official website at http://www.nodemcu.com/index_en.html.
- SparkFun ESP8266 Thing: This is developed by SparkFun. You should use serial hardware, such as FTDI, to write a program in this board, but this product is ready for a LiPo charger. You can read more about it at https://www.sparkfun.com/products/13231.
- SparkFun ESP8266 Thing – Dev: This board already includes a FTDI-to-USB tool, but no LiPo charger. It's developed by SparkFun and product information can be found at https://www.sparkfun.com/products/13711.
- SparkFun Blynk Board – ESP8266: This board includes temperature and humidity sensor devices. You can read about it at https://www.sparkfun.com/products/13794.
- Adafruit HUZZAH with ESP8266 WiFi: This is developed by Adafruit. Product information can be found at https://www.adafruit.com/products/2821.
If you're interested in the ESP8266 chip, I recommend that you join the ESP8266 forum at http://www.esp8266.com.

Although NodeMCU v2 and SparkFun ESP8266 Thing boards have the same chip, their chip model is different. NodeMCU v2 uses the ESP8266 module. On the other hand, the SparkFun ESP8266 Thing board uses the ESP8266EX chip. In addition, the SparkFun ESP8266 Thing board provides a LiPo connector, which you can attach to an external battery:

ESP32 is a chip that has two network stacks, Wi-Fi and BLE from Espressif, and is available at http://espressif.com/en/products/hardware/esp32/overview. This chip enables you to connect servers through a built-in Wi-Fi module. Based on my experience, there are a lot of IoT boards based on the ESP32 chip. The following is a list of ESP32 development boards:
- SparkFun ESP32 Thing, available at https://www.sparkfun.com/products/13907
- Espressif ESP32 Development Board, available at https://www.adafruit.com/product/3269
You can also find various IoT boards based on the ESP32 chip at Aliexpress or other online stores. A form of SparkFun ESP32 Thing is shown in the following image:

We can also use Mongoose OS ESP32-DevKitC from Cesanta to build applications for AWS IoT. To communicate with AWS IoT, they provide the Mongoose OS, which runs on ESP32. Several libraries from the Mongoose OS can be used to communicate with AWS IoT. The Mongoose OS ESP32-DevKitC from Cesanta is shown in the image source https://mongoose-os.com/aws-iot-starter-kit/.
TI CC3200 is a Wi-Fi MCU from Texas Instruments (TI). The new version of TI CC3200 is TI CC3220. This chip is based on ARM Cortex-M4 from TI. This board is a complete solution for IoT. This chip is supported for station, Access Point (AP), and Wi-Fi Direct modes. Regarding security, TI CC32XX supports WPA2 personal and enterprise security and Web Processing Service (WPS) 2.0. A comparison of TI CC3200 and TI CC3220 can be found at http://www.ti.com/product/CC3220.
For IoT development, TI provides the SimpleLink Wi-Fi CC32XX LaunchPad evaluation kit. It's a complete kit for development and debugging. The SimpleLink Wi-Fi CC3200 LaunchPad board is shown in the website https://www.conrad.de/de/entwicklungsboard-texas-instruments-cc3200-launchxl-1273804.html.
TI CC3200 is also used by RedBear (http://redbear.cc) to develop RedBearLab CC3200 and RedBearLab Wi-Fi Micro boards. These boards have the same functionalities as the SimpleLink Wi-Fi CC3200 LaunchPad board, but exclude the CC3200 debugger tool. The price of these boards is also lower than SimpleLink Wi-Fi CC3200 LaunchPad board's price.
AWS IoT Management Console lets you access and manage AWS IoT through a simple and intuitive web-based user interface. This web console can be found at https://console.aws.amazon.com/iotv2/home. If you have an active AWS account, you should be able to access AWS IoT Management Console. A screen of AWS IoT Management Console is shown in the following screenshot:

In AWS IoT Management Console, we can manage all IoT devices. This portal provides several features, as follows:
- Dashboard: This shows a summary of AWS IoT usage statistics
- Connect: This provides information on how to connect to AWS IoT
- Registry: This is used to register your new IoT device or to manage existing IoT devices
- Security: This configures AWS IoT and IoT devices
- Rules: This manages all rules for AWS IoT
- Test: This provides a test tool to evaluate your AWS IoT platform
You can see these menus in the following screenshot:

You will probably get different menus on the dashboard. You can change your AWS region in order to get full menus by clicking the menu on the top-right of the dashboard.
We will work with AWS IoT Management Console to manage our IoT projects in the next section.
The AWS server has several components and features. To minimize complexity in development, AWS provides AWS IoT Device SDK for various IoT device platforms. You can use them directly for your IoT platform. There are a lot of objects/classes that you can apply in your IoT program to access AWS IoT. You can find out more about AWS IoT SDK at https://aws.amazon.com/iot/sdk/.
Currently, AWS IoT Device SDK supports the following SDK:
- Embedded C
- Arduino Yún
- Java
- JavaScript
- Python
- iOS
- Android
To work with AWS IoT Device SDK, you should verify whether your IoT device supports this SDK or not. We will focus on applying AWS IoT Device SDK in Chapter 2, Connecting IoT Devices to AWS IoT Platform.
In this section, you will learn how to set up your IoT project, utilizing the AWS IoT platform. The following is a list of steps to build your AWS IoT project:
- Register on AWS
- Select the IoT device
- Register AWS IoT
- Create a security certificate
- Configure security access
Let's go through these steps.
AWS provides a complete solution to build your enterprise system, starting from a virtual machine and enterprise application, to machine learning and IoT. At the time of writing, Amazon offers a free one year trial access called AWS Free Tier for a newly registered user. You can access the full features with the limited scheme. You can register a new AWS account and get a free one year trial access at https://aws.amazon.com.
Most AWS services can be accessed with the AWS Free Tier scheme. I recommend you do so. The AWS Free Tier registration page is shown in the following screenshot:

The next step is to select your IoT device. Each IoT device has unique capabilities. I suggest that you use the IoT device platform that is recommended by Amazon to minimize problems while developing and deploying. You can use one of the listed devices from https://aws.amazon.com/iot-platform/getting-started/#kits. Based on my experience, the Raspberry Pi board or IoT board with the Linux platform is easier, because most AWS IoT Device SDKs are supported.
I will show how various IoT device platforms access AWS IoT, with specific scenarios in this book. Register an IoT device for AWS IoT after you have decided what IoT device model is to be implemented. You should register it in order to obtain access rights in AWS IoT. You can register your IoT device on AWS IoT Management Console with the following steps:
- Navigate to https://console.aws.amazon.com/iot. You should see a form as shown in the following screenshot:

- Select the Onboard option from the left-hand menu. You can click on the Get started button within the Configuring a device section, which is shown by an arrow in the preceding screenshot.
Then, you will get information about connecting IoT device to AWS IoT, as shown in the following screenshot:

- Select the development platform of the IoT device and AWS IoT SDK. In this scenario, I use Linux/OSX with Node.js for AWS IoT SDK:

- Now we create our IoT device name. You should define the IoT device type. To do so, you click on the Create a type button:

If done, save this IoT device type.

- Then, go back to your IoT device registering. Fill out the IoT device name and its type. I filled macos-computer in the Name field, as shown in the following screenshot:

- If done, you should see your IoT device on the Manage | Things menu:

You can add additional IoT devices to simulate the AWS IoT scenario.
Before we use AWS IoT, we should create a security certificate. Then, this certificate will be attached to our registered IoT device. Follow these steps:
- On AWS IoT Management Console, open your IoT device. Click on the Security option on the left-hand menu. You should see a form, as shown in the following screenshot:

- You should see a Create certificate button. Click on this button. Then, AWS IoT will generate private and public keys for your IoT device. Please download all certificate and key files:

These certificate and key files will be used in our program to access the AWS IoT server. You should get four files, as follows:
  - Certificate file (*.pem)
  - Certificate public key file (*.key)
  - Certificate private key file (*.key)
  - Root certificate (*.pem) or (*.crt)
- Put all these files into a folder. Our program will access these files:

The next step is to write a program. We will do so in the next section.
Since AWS IoT applies security to protect its system, we must also configure security access for our own AWS IoT setup. We will perform the following tasks:
- Create a policy
- Attach a policy to the IoT device certificate
- Attach the IoT thing to the certificate
To create a policy on AWS IoT, perform the following steps:
- Click the Policies sub-menu from the Secure menu, as shown in the following screenshot:

- Then, you should see a Create a policy button. Click on this button.
- Fill in your policy name. You should add three policy statements, as follows:
  - iot:Connect
  - iot:Subscribe
  - iot:Publish
- Don't forget to check the Allow checkbox for all the preceding policy statements:


- The next step is to add our created policy into the IoT device certificate. You can open Secure | Certificates on AWS IoT Management Console. Click on the ellipsis (…) link so you get a context menu that is shown in the following screenshot. Click on the Attach policy option:

- Then, you get a dialog box. Select your created policy. When done, click on the Attach button to execute this task:

- The last step is to add our IoT device into a security certificate. Click on the ellipsis (…) on your certificate so you get a context menu. Select the Attach thing option on the context menu:


Now your IoT device has a certificate and policy. You can access AWS IoT through the IoT device.
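The three policy statements above can be scoped to a single client ID and topic instead of every resource. The following is an added example, not code from the book or from the AWS SDK: it builds such a policy document for the clientId and topic used by comp-demo.js in this chapter and flags wildcard statements. The account ID is a constructed placeholder, the function names are hypothetical, and the iot:Receive statement is an addition to the chapter's three actions, included on the assumption that the subscribing client also needs message delivery authorized.

```javascript
// Added example (not from the book). ACCOUNT_ID is a constructed placeholder.
const ACCOUNT_ID = '123456789012';

// Constructed "broad" policy: the chapter's three actions with Resource "*".
const BROAD_POLICY = {
  Version: '2012-10-17',
  Statement: [
    { Effect: 'Allow', Action: ['iot:Connect', 'iot:Subscribe', 'iot:Publish'], Resource: ['*'] },
  ],
};

// Build a policy limited to one client ID and an explicit list of topics.
function buildDevicePolicy({ region, accountId, clientId, publishTopics, subscribeTopics }) {
  const arn = (type, name) => `arn:aws:iot:${region}:${accountId}:${type}/${name}`;
  return {
    Version: '2012-10-17',
    Statement: [
      { Effect: 'Allow', Action: ['iot:Connect'], Resource: [arn('client', clientId)] },
      { Effect: 'Allow', Action: ['iot:Publish'], Resource: publishTopics.map((t) => arn('topic', t)) },
      // Subscribe requests are authorized against topicfilter/ resources ...
      { Effect: 'Allow', Action: ['iot:Subscribe'], Resource: subscribeTopics.map((t) => arn('topicfilter', t)) },
      // ... and message delivery to the client against topic/ resources.
      { Effect: 'Allow', Action: ['iot:Receive'], Resource: subscribeTopics.map((t) => arn('topic', t)) },
    ],
  };
}

// List Allow statements that use a wildcard action or a wildcard resource.
function findOverbroadStatements(policy) {
  const asList = (v) => (Array.isArray(v) ? v : [v]);
  const findings = [];
  policy.Statement.forEach((stmt, index) => {
    if (stmt.Effect !== 'Allow') return;
    for (const action of asList(stmt.Action)) {
      if (action === '*' || action === 'iot:*') {
        findings.push({ index, issue: `wildcard action ${action}` });
      }
    }
    for (const resource of asList(stmt.Resource)) {
      if (resource === '*' || resource.endsWith('/*')) {
        findings.push({ index, issue: `wildcard resource ${resource}` });
      }
    }
  });
  return findings;
}

// Values taken from comp-demo.js in this chapter, plus the placeholder account ID.
const scopedPolicy = buildDevicePolicy({
  region: 'ap-southeast-1',
  accountId: ACCOUNT_ID,
  clientId: 'user-testing',
  publishTopics: ['topic_1'],
  subscribeTopics: ['topic_1'],
});

console.log(JSON.stringify(scopedPolicy, null, 2));
console.log('broad policy findings:', findOverbroadStatements(BROAD_POLICY));
console.log('scoped policy findings:', findOverbroadStatements(scopedPolicy));
```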
After we have registered all the IoT devices for AWS IoT, we can set up our development environment. Depending on your kind of IoT device, you can install AWS IoT SDK for your device. You can review the details at https://aws.amazon.com/iot/sdk/.
For testing, we use a computer that acts as an IoT thing. The computer will access AWS IoT. To simplify our case, I use JavaScript SDK for AWS IoT, available at https://github.com/aws/aws-iot-device-sdk-js. Since JavaScript SDK for AWS IoT needs Node.js to run the program, your computer should install Node.js runtime. You can download and install Node.js for your platform from https://nodejs.org/.
To install AWS IoT SDK for JavaScript, use the npm package manager. The Node.js runtime must already be installed for your platform. You can type the following command to install AWS IoT SDK for JavaScript:
```
$ npm install aws-iot-device-sdk
```
If you get an error message due to a security issue, you may need to run this command at an administrator level.
For the development tool, you can use any text editor to write JavaScript scripts. For instance, you can use Visual Studio Code at https://code.visualstudio.com. You can see my sample JavaScript scripts on Visual Studio Code IDE in the following screenshot:

After we have configured our AWS IoT and added the IoT device, we can develop a program to access AWS IoT. In this scenario, our computer is used as an IoT thing. We also used Node.js to access AWS IoT, so we need to install AWS IoT SDK for JavaScript. For testing, we will build a Node.js application to access AWS IoT for such purposes as connecting, sending, and receiving.
Now, create a file called comp-demo.js. Then, write the following Node.js script:
```javascript
// Load the AWS IoT Device SDK for JavaScript
var awsIot = require('aws-iot-device-sdk');

// Describe the device: credential files, endpoint and client ID
var device = awsIot.device({
  keyPath: 'cert/macos-computer.private.key',
  certPath: 'cert/macos-computer.cert.pem',
  caPath: 'cert/root-CA.crt',
  host: 'xxxxxxx.iot.ap-southeast-1.amazonaws.com',
  clientId: 'user-testing',
  region: 'ap-southeast-1' // must match the region in the host name
});

// Once connected, subscribe to topic_1 and publish a test message to it
device.on('connect', function() {
  console.log('connected');
  device.subscribe('topic_1');
  device.publish('topic_1', JSON.stringify({ test_data: 1 }));
});

// Print every message received on a subscribed topic
device.on('message', function(topic, payload) {
  console.log('message', topic, payload.toString());
});
```
Please change the path and certificate files from your AWS IoT on parameters such as keyPath, certPath, caPath, host, and region. Save this file.
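Because the public and private key files share the *.key extension and the private key is the device's only secret, a pre-flight check on the files named in keyPath, certPath and caPath catches mix-ups and loose permissions before the program connects. This is an added example, not part of the book's program or the AWS SDK; auditCredentialFiles and makeSampleFiles are hypothetical helpers, and the sample files are constructed placeholders that contain PEM headers only.

```javascript
const fs = require('fs');
const os = require('os');
const path = require('path');

// PEM label expected for each credential option passed to awsIot.device().
const EXPECTED_LABEL = { keyPath: 'PRIVATE KEY', certPath: 'CERTIFICATE', caPath: 'CERTIFICATE' };

// Return a list of problems with the credential files; empty means all checks passed.
function auditCredentialFiles(options) {
  const problems = [];
  for (const [key, label] of Object.entries(EXPECTED_LABEL)) {
    const file = options[key];
    if (!file) { problems.push(`${key}: not set`); continue; }
    let stat;
    try {
      stat = fs.lstatSync(file); // lstat so a symlink is reported, not followed
    } catch (err) {
      problems.push(`${key}: cannot read ${file} (${err.code})`);
      continue;
    }
    if (!stat.isFile()) { problems.push(`${key}: ${file} is not a regular file`); continue; }
    // The private key is the only secret; on POSIX it should be owner-only.
    if (key === 'keyPath' && process.platform !== 'win32' && (stat.mode & 0o077) !== 0) {
      const mode = (stat.mode & 0o777).toString(8);
      problems.push(`${key}: ${file} is accessible to group/other (mode ${mode})`);
    }
    // Catch mixed-up files, e.g. the public *.key passed where the private *.key belongs.
    const firstLine = fs.readFileSync(file, 'utf8').split('\n', 1)[0];
    if (!firstLine.startsWith('-----BEGIN ') || !firstLine.includes(label)) {
      problems.push(`${key}: ${file} does not start with a ${label} PEM header`);
    }
  }
  return problems;
}

// Constructed sample: placeholder files with PEM headers only, no real key material.
function makeSampleFiles() {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'iot-cert-'));
  const write = (name, label) => {
    const file = path.join(dir, name);
    fs.writeFileSync(file, `-----BEGIN ${label}-----\n(placeholder)\n-----END ${label}-----\n`);
    fs.chmodSync(file, 0o644); // deliberately too open for the private key
    return file;
  };
  return {
    keyPath: write('thing.private.key', 'RSA PRIVATE KEY'),
    publicKeyPath: write('thing.public.key', 'PUBLIC KEY'),
    certPath: write('thing.cert.pem', 'CERTIFICATE'),
    caPath: write('root-CA.crt', 'CERTIFICATE'),
  };
}

// Run the audit on the constructed sample and print what it finds.
console.log(auditCredentialFiles(makeSampleFiles()));
```

Restricting the private key to its owner (for example with chmod 600) clears the permission finding.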
Now we will review our program, comp-demo.js. The following is a list of steps for the program:
- Firstly, we load the required library from AWS IoT SDK for JavaScript. Then, we declare our device based on our IoT thing from AWS IoT:
```javascript
var awsIot = require('aws-iot-device-sdk');

var device = awsIot.device({
  keyPath: 'cert/macos-computer.private.key',
  certPath: 'cert/macos-computer.cert.pem',
  caPath: 'cert/root-CA.crt',
  host: 'xxxxxxx.iot.ap-southeast-1.amazonaws.com',
  clientId: 'user-testing',
  region: 'ap-southeast-1' // must match the region in the host name
});
```
- We try to connect to AWS IoT. After we are connected, we subscribe to a specific topic, for instance, topic_1. Then, we send a message by calling the publish() function:
```javascript
device.on('connect', function() {
  console.log('connected');
  device.subscribe('topic_1');
  device.publish('topic_1', JSON.stringify({ test_data: 1 }));
});
```
- To receive an incoming message from AWS IoT, we listen to the message event as follows:
```javascript
device.on('message', function(topic, payload) {
  console.log('message', topic, payload.toString());
});
```
After we have written the program, comp-demo.js, we can execute it. Type this command:
```
$ node comp-demo.js
```
Make sure all certificate files are on the paths that comp-demo.js references. If successful, you should see the connected state and receive the incoming message:

You can also verify this transaction on AWS IoT Management Console:

We have learned what AWS IoT is and explored several IoT device platforms. AWS IoT Management Console and Device SDK were introduced to obtain the essentials of AWS IoT platform.
In the last section, we registered and configured an IoT device. Then, we created a program to access AWS IoT from the IoT device. In the next chapter, we will learn how to connect to AWS IoT from various IoT devices and make interactions.