AWS IoT Core enables you to connect devices to AWS Services and other devices, secure data and interactions, process and act upon device data, enables applications to interact with devices even when they are offline and that allows you to produce low-cost Alexa built-in devices.

Key features

AWS IoT Device SDK

The AWS IoT Device SDK helps you easily and quickly connect your hardware device or your mobile application to AWS IoT Core. The AWS IoT Device SDK enables your devices to connect, authenticate, and exchange messages with AWS IoT Core using the MQTT, HTTP, or WebSockets protocols. The AWS IoT Device SDK supports C, JavaScript, and Arduino, and includes the client libraries, the developer guide, and the porting guide for manufacturers. You can also use an open source alternative or write your own SDK.

To learn more read the AWS IoT Device SDK documentation or get started by downloading the SDKs.

Device Advisor

Device Advisor is a fully managed cloud-based test capability for validating IoT devices during development. It provides pre-built tests that helps developers to validate their IoT devices for reliable and secure connectivity with AWS IoT Core. By using Device Advisor, developers can test if their IoT devices can reliably interoperate with AWS IoT Core and follow security best practices. Developers can identify and resolve the most common device software issues during development before they deploy their devices in production. Device Advisor also provides a signed qualification report which can be used by hardware partners to qualify their devices for inclusion in the AWS Partner Device Catalog. To learn more and get started, see the Device Advisor’s overview page, technical documentation, and blog.

Device Gateway

The Device Gateway serves as the entry point for IoT devices connecting to AWS. The Device Gateway manages all active device connections and implements semantics for multiple protocols to ensure that devices are able to securely and efficiently communicate with AWS IoT Core. Currently the Device Gateway supports the MQTT, WebSockets, and HTTP 1.1 protocols. For devices that connect using MQTT or WebSockets the Device Gateway will maintain long lived, bidirectional connections, enabling these devices to send and receive messages at any time with low latency. The Device Gateway is fully managed and scales automatically to support over a billion devices without requiring you to manage any infrastructure. For customers migrating to AWS IoT, the Device Gateway offers capabilities to transition infrastructures with minimal impact to existing architectures and IoT devices. To learn more about Configurable Endpoints, read the documentation here.

To learn more read the protocols section in the AWS IoT Core user guide.

Message Broker

The Message Broker is a high throughput pub/sub message broker that securely transmits messages to and from all of your IoT devices and applications with low latency. The flexible nature of the Message Broker’s topic structure allows you to send messages to, or receive messages from, as many devices as you would like. It supports messaging patterns ranging from one-to-one command and control messaging, to one-to-one million (or more!) broadcast notification systems and everything in between. In addition, you can set up fine grained access controls that enable you to manage the permissions of individual connections at the topic level, ensuring that your devices and applications will only send and receive the data that you want them to. The Message Broker is a fully managed service, so no matter how you choose to use it, it will scale automatically with your message volume without requiring you to run any infrastructure.

To learn more read the Message Broker section of the AWS IoT Core user guide.

Authentication and Authorization

AWS IoT Core provides mutual authentication and encryption at all points of connection, so that data is never exchanged between devices and AWS IoT Core without a proven identity. AWS IoT Core supports the AWS method of authentication (called ‘SigV4’), X.509 certificate based authentication, and customer created token based authentication (through custom authorizers.) Connections using HTTP can use any of these methods, while connections using MQTT use certificate based authentication, and connections using WebSockets can use SigV4 or custom authorizers. With AWS IoT Core you can use AWS IoT Core generated certificates, as well as those signed by your preferred Certificate Authority (CA). You can map your choice of policies to each certificate, so that you can authorize devices or applications to have access, or change your mind and revoke access altogether without ever touching the device.

You can create, deploy and manage certificates and policies for the devices from the console or using the API. Those device certificates can be provisioned, activated and associated with the relevant IoT policies that are configured using AWS IoT Core. This allows you to instantly revoke access for an individual device if you choose to do so. AWS IoT Core also supports connections from users’ mobile apps using Amazon Cognito, which takes care of all the steps necessary to create a unique identifier for your app’s users and retrieve temporary, limited-privilege AWS credentials. AWS IoT Core can also provide temporary AWS credentials after a device has authenticated with an X.509 certificate, so that the device can more easily access other AWS services such as DynamoDB or S3.

Fleet provisioning for AWS IoT Core makes it easy to onboard any number of manufactured devices to the cloud at scale. It provides an end-to-end managed device onboarding experience that sets up devices with unique digital identities and performs the device-side and cloud-side configuration needed for each device to connect and operate with AWS IoT automatically upon its first connection to AWS IoT Core. Fleet provisioning is offered at no additional charge to customers. To learn more about Fleet Provisioning, read Fleet provisioning documentation here.

To learn more read the Security and Authentication section in the AWS IoT Core user guide.


The Registry establishes an identity for devices and tracks metadata such as the devices’ attributes and capabilities. The Registry assigns a unique identity to each device that is consistently formatted regardless of the type of device or how it connects. It also supports metadata that describes the capabilities of a device, for example whether a sensor reports temperature, and if the data are Fahrenheit or Celsius.

The Registry lets you store metadata about your devices at no additional charge, and metadata in the Registry does not expire as long as you access or update your registry entry at least once every 7 years.
To learn more read the Registry section of the AWS IoT Core user guide.

Device Shadow

With AWS IoT Core, you can create a persistent, virtual version, or Device Shadow, of each device that includes the device’s latest state so that applications or other devices can read messages and interact with the device. The Device Shadow persists the last reported state and desired future state of each device even when the device is offline. You can retrieve the last reported state of a device or set a desired future state through the API or using the rules engine.

The Device Shadow makes it easier to build applications that interact with your devices by providing always available REST APIs. In addition, applications can set the desired future state of a device without accounting for the devices current state. AWS IoT Core will compare the difference between the desired and last reported state, and command the device to make up the difference.

The AWS IoT Device SDK makes it easy for your device to synchronize its state with its Device Shadow, and to respond to desired future states set via the Device Shadow.

The Device Shadow lets you store the state of your devices for up to a year for free. The Device Shadow persist forever if you update them at least once per year, otherwise they expire.

To learn more read the Device Shadow section of the AWS IoT Core user guide.

Rules Engine

The Rules Engine makes it possible to build IoT applications that gather, process, analyze and act on data generated by connected devices at global scale without having to manage any infrastructure. The Rules Engine evaluates inbound messages published into AWS IoT Core and transforms and delivers them to another device or a cloud service, based on business rules you define. A rule can apply to data from one or many devices, and it can take one or many actions in parallel.

The Rules Engine can also route messages to AWS endpoints including AWS IoT Analytics, AWS IoT Events, AWS Lambda, Amazon Kinesis, Amazon S3, Amazon DynamoDB, Amazon CloudWatch, Amazon Simple Notification Service (SNS), Amazon Simple Queue Service (SQS), Amazon Elasticsearch Service, and AWS Step Functions. External endpoints can be reached using AWS Lambda, Amazon Kinesis, Amazon SNS, and Rules Engine’s native HTTP action.

You can author rules within the management console or write rules using a SQL-like syntax. Rules can be authored to behave differently depending upon the content of the message. For example, if a temperature reading exceeds a certain threshold it could trigger a rule to transmit data to AWS Lambda. Rules can also be authored to take into account other data in the cloud, such as data from other devices. For example you could say take an action if this temperature is more than 15% higher than the average of 5 other devices.

The Rules Engine provides dozens of available functions that can be used to transform your data, and it’s possible to create infinitely more via AWS Lambda. For example, if you’re dealing with a wide range of values you could take the average of incoming numbers. Rules can also trigger the execution of your Java, Node.js or Python code in AWS Lambda, giving you maximum flexibility and power to process device data.

To learn more read the Rules Engine section of the AWS IoT Core user guide.

Alexa Voice Service (AVS) Integration

Alexa Built-in is a category of devices created with the Alexa Voice Service (AVS) that have a microphone and speaker. You can talk to these products directly with the wake word “Alexa,” and receive voice responses and content instantly.

With the AVS Integration, you can cost-effectively scale to hundreds of millions of Alexa Built-in devices and accelerate your time to market with differentiated, voice-forward products. The AVS Integration for AWS IoT Core shifts media retrieval, audio decoding, audio mixing, and state management from a physical device to a new virtual Alexa Built-in device in the cloud. This lowers the cost of producing Alexa Built-in devices by up to 50% by reducing the hardware requirements from 50MB to 1MB of RAM and from ARM Cortex ‘A’ class microprocessors to ARM Cortex ‘M’ class microcontrollers.

Offloading compute and memory intensive workloads to the cloud and reducing the on-device requirements for integrating AVS makes it possible to bring Alexa to resource constrained, low-cost products such as light switches, thermostats, and small appliances. With new categories of Alexa Built-in devices available on the market, end users can now experience Alexa in new parts of their home, office, or hotel rooms for a truly ambient experience, where they talk directly to their surroundings rather than to an Alexa Family of Devices.

Our partners make it easy for you to get started by launching hardware development kits for AVS for AWS IoT. Development kits are enabled by real time operating system for microcontrollers like FreeRTOS and include out-of-the box connectivity to AWS IoT. Kits also remove the need to develop your voice application from scratch by including AVS qualified Audio Algorithms for Far-Field voice pickup, Echo Cancellation, and Alexa Wake Word as well as AVS for AWS IoT application code. Using the feature application code, you can quickly prototype a device and port the implementation to your chosen MCU design for testing and device production when you're ready.

AVS Integration is available as a new reserved topic in AWS IoT Core. Messages sent to and from the device to the AVS for AWS IoT reserved topics are free. Learn how to create low-cost Alexa Built-in devices with the AVS Integration for AWS IoT Core Getting Started Guide.


AWS IoT Core for LoRaWAN

AWS IoT Core for LoRaWAN enables customers to connect wireless devices that use low-power, long-range wide area network (LoRaWAN) technology. Using AWS IoT Core, customers can now setup a private LoRaWAN network by connecting their own LoRaWAN devices and gateways to the AWS Cloud - without developing or operating a LoRaWAN Network Server (LNS). This eliminates the undifferentiated development work and operational burden of managing an LNS and associated infrastructure, accelerating the network set-up time.

AWS IoT Core for LoRaWAN includes support for open-source LoRaWAN gateway-LNS communication protocol called Basic Station, which means no writing or testing of custom gateway software is required to connect LoRaWAN gateways to AWS IoT Core. Once LoRaWAN gateways and devices are connected, device data is automatically routed to AWS IoT Core Rules Engine accelerating IoT application development.

Developers can write rules, like simple SQL queries to transform and act on the device data, raising alerts, or routing it to other AWS services like Amazon S3 using the AWS IoT Core Rules Engine. From the console, engineers can also query metrics for connected devices and gateways to troubleshoot connectivity issues. With pay-as-you-go pricing and no monthly commitments, customers can connect and scale LoRaWAN device fleets reliably, and build applications with AWS services quickly and efficiently.

AWS IoT Partners make it easy for you to get started by providing AWS IoT Core for LoRaWAN qualified gateways that connect to AWS IoT Core out of the box, without any need to modify embedded software. Search the AWS Partner Device Catalog to find gateways that are qualified for use with AWS IoT Core for LoRaWAN.

To learn more and access getting started resources, visit AWS IoT Core for LoRaWAN

Amazon Sidewalk Integration

Amazon Sidewalk is a shared network that helps connected devices work better through improved connectivity options. Operated by Amazon at no charge to customers, Sidewalk can help simplify new device setup, extend the low-bandwidth working range of devices, and help devices stay online even if they are outside the range of their home Wi-Fi.

Amazon Sidewalk Integration enables you to easily onboard your Sidewalk device fleets to AWS IoT Core. Amazon Sidewalk has been designed to support a wide range of customer devices like pet or valuables location trackers, to smart home security and lighting controllers, to remote diagnostics for home appliances and tools.

Learn how to build Sidewalk devices and get started by reviewing a Sidewalk Quick Start Guide(s) on the Sidewalk Developer Service (SDS) Console.

LoRaWAN is a mark used under license from the LoRa Alliance.

Learn more about AWS IoT Core pricing

Visit the pricing page
Ready to get started?
Sign up
Have more questions?
Contact us