AWS IoT Core Documentation

AWS IoT Core helps you connect IoT devices to the AWS cloud without the need to provision or manage servers. AWS IoT Core is designed to support billions of devices and trillions of messages, and to process and route those messages to AWS endpoints and to other devices.

Key Features

AWS IoT Device SDK
The AWS IoT Device SDK helps you connect your hardware device or your mobile application to AWS IoT Core. The AWS IoT Device SDK is designed to enable your devices to connect, authenticate, and exchange messages with AWS IoT Core using the MQTT, HTTP, or WebSockets protocols. The AWS IoT Device SDK is designed to support C, JavaScript, and Arduino, and includes the client libraries, the developer guide, and the porting guide for manufacturers. You can also use an open source alternative or write your own SDK.
Device Advisor
Device Advisor is a fully managed cloud-based test capability for validating IoT devices during development. It provides pre-built tests that help developers validate their IoT devices for connectivity with AWS IoT Core. Device Advisor helps developers test if their IoT devices can interoperate with AWS IoT Core and follow security best practices. Developers can more easily identify and resolve the most common device software issues during development before they deploy their devices in production. Device Advisor also provides a signed qualification report which can be used by hardware partners to qualify their devices for inclusion in the AWS Partner Device Catalog.
Device Gateway
The Device Gateway serves as the entry point for IoT devices connecting to AWS. The Device Gateway is designed to manage all active device connections and implement semantics for multiple protocols to help validate that devices are able to efficiently communicate with AWS IoT Core. For devices that connect using MQTT or WebSockets the Device Gateway is designed to maintain long lived, bidirectional connections, helping these devices to send and receive messages with low latency. The Device Gateway is fully managed and designed to scale to support over a billion devices without requiring you to manage any infrastructure. For customers migrating to AWS IoT, the Device Gateway offers capabilities designed to transition infrastructures with minimal impact to existing architectures and IoT devices.
Message Broker
The Message Broker is a high throughput pub/sub message broker that is designed to transmit messages to and from your IoT devices and applications with low latency. The flexible nature of the Message Broker’s topic structure helps you to send messages to, or receive messages from, as many devices as you would like. It is designed to support messaging patterns ranging from one-to-one command and control messaging, to one-to-one million (or more) broadcast notification systems and everything in between. The Message Broker is a fully managed service designed to scale with your message volume without requiring you to run any infrastructure.
Authentication and Authorization
AWS IoT Core is designed to provide mutual authentication and encryption at all points of connection. With AWS IoT Core you can use AWS IoT Core generated certificates, as well as those signed by your preferred Certificate Authority (CA). The service is designed so you can map your choice of policies to each certificate, so that you can authorize devices or applications to have access, or change your mind and revoke access altogether without ever touching the device.
You can create, deploy and manage certificates and policies for the devices from the console or using the API. Those device certificates can be provisioned, activated and associated with the relevant IoT policies that are configured using AWS IoT Core. This is designed to allow you to instantly revoke access for an individual device if you choose to do so. AWS IoT Core is also designed to support connections from users’ mobile apps using Amazon Cognito, which helps you to create a unique identifier for your app’s users and retrieve temporary, limited-privilege AWS credentials.
Fleet provisioning for AWS IoT Core is designed to help onboard any number of manufactured devices to the cloud at scale. It provides an end-to-end managed device onboarding experience that is designed to set up devices with unique digital identities and perform the device-side and cloud-side configuration needed for each device to connect and operate with AWS IoT upon its first connection to AWS IoT Core.
The Registry is designed to establish an identity for devices and track metadata such as the devices’ attributes and capabilities. The Registry is designed to assign a unique identity to each device that is consistently formatted regardless of the type of device or how it connects. It also supports metadata that describes the capabilities of a device, for example whether a sensor reports temperature, and if the data are Fahrenheit or Celsius. Metadata in the Registry may expire if you do not access or update your registry entry within the period of time designated by AWS.
Device Shadow
With AWS IoT Core, you can create a persistent, virtual version, or Device Shadow, of each device that is designed to include the device’s latest state so that applications or other devices can read messages and interact with the device. The Device Shadow is designed to persist the last reported state and desired future state of each device even when the device is offline. You can retrieve the last reported state of a device or set a desired future state through the API or using the rules engine.
The Device Shadow makes it easier to build applications that interact with your devices by providing REST APIs. In addition, applications can set the desired future state of a device without accounting for the devices current state. AWS IoT Core is designed to compare the difference between the desired and last reported state, and command the device to make up the difference. The Device Shadow may expire if you do not update them at least once within the period of time designated by AWS.
Rules Engine
The Rules Engine helps you build IoT applications that gather, process, analyze and act on data generated by connected devices at global scale without having to manage any infrastructure. The Rules Engine is designed to evaluate inbound messages published into AWS IoT Core and transform and deliver them to another device or a cloud service, based on business rules you define. A rule can apply to data from one or many devices, and it can take one or many actions in parallel.
The Rules Engine is also designed to route messages to various AWS endpoints. External endpoints may be reached using AWS Lambda, Amazon Kinesis, Amazon Simple Notification Service, and Rules Engine’s native HTTP action.
You can author rules within the management console or write rules using a SQL-like syntax. Rules can be designed to behave differently depending upon the content of the message. For example, if a temperature reading exceeds a certain threshold it could trigger a rule designed to transmit data to AWS Lambda. Rules can also be authored to take into account other data in the cloud, such as data from other devices. For example you could design it to take an action if this temperature is more than 15% higher than the average of 5 other devices.
The Rules Engine provides dozens of available functions that can be used to transform your data, and it’s possible to create more via AWS Lambda. For example, if you’re dealing with a wide range of values you could take the average of incoming numbers. Rules can also be designed to trigger the execution of your Java, Node.js or Python code in AWS Lambda, giving you maximum flexibility and power to process device data.
Alexa Voice Service (AVS) Integration
Alexa Built-in is a category of devices created with the Alexa Voice Service (AVS) that have a microphone and speaker. You can talk to these products directly with the wake word “Alexa,” and then receive voice responses and content. With the AVS Integration, you can scale to millions of Alexa Built-in devices and accelerate your time to market with differentiated, voice-forward products. The AVS Integration for AWS IoT Core shifts media retrieval, audio decoding, audio mixing, and state management from a physical device to a new virtual Alexa Built-in device in the cloud. Offloading compute and memory intensive workloads to the cloud and reducing the on-device requirements for integrating AVS makes it possible to bring Alexa to resource constrained, low-cost products such as light switches, thermostats, and small appliances.
AWS IoT Core for LoRaWAN
AWS IoT Core for LoRaWAN is designed to help customers connect wireless devices that use low-power, long-range wide area network (LoRaWAN) technology. Using AWS IoT Core, customers can setup a private LoRaWAN network by connecting their own LoRaWAN devices and gateways to the AWS Cloud - without developing or operating a LoRaWAN Network Server (LNS).
AWS IoT Core for LoRaWAN is designed to support open-source LoRaWAN gateway-LNS communication protocol called Basic Station. Once LoRaWAN gateways and devices are connected, device data is routed to AWS IoT Core Rules Engine accelerating IoT application development.
Developers can write rules, like simple SQL queries designed to transform and act on the device data, raising alerts, or routing it to other AWS services like Amazon S3 using the AWS IoT Core Rules Engine. From the console, engineers can also query metrics for connected devices and gateways designed to troubleshoot connectivity issues.
Amazon Sidewalk Integration
Amazon Sidewalk is a shared network that helps connected devices work better through improved connectivity options. Operated by Amazon, Sidewalk can help simplify new device setup, extend the low-bandwidth working range of devices, and help devices stay online even if they are outside the range of their home Wi-Fi.
Amazon Sidewalk Integration is designed to help you to onboard your Sidewalk device fleets to AWS IoT Core. Amazon Sidewalk has been designed to support a wide range of customer devices like pet or valuables location trackers, to smart home security and lighting controllers, to remote diagnostics for home appliances and tools.

Additional Information

For additional information about service controls, security features and functionalities, including, as applicable, information about storing, retrieving, modifying, restricting, and deleting data, please see This additional information does not form part of the Documentation for purposes of the AWS Customer Agreement available at, or other agreement between you and AWS governing your use of AWS’s services.