Get Started with the Project

4 Steps  |  60 Minutes

Q: What is AWS IoT?

AWS IoT is a managed cloud platform that lets connected devices easily and securely interact with cloud applications and other devices. AWS IoT can support billions of devices and trillions of messages, and can process and route those messages to AWS endpoints and to other devices reliably and securely. With AWS IoT, your applications can keep track of and communicate with all your devices, all the time, even when they aren’t connected. AWS IoT makes it easy to use AWS services like AWS Lambda, Amazon Kinesis, Amazon S3, Amazon Machine Learning, Amazon DynamoDB, Amazon CloudWatch, AWS CloudTrail, and Amazon Elasticsearch Service with built-in Kibana integration, to build IoT applications that gather, process, analyze and act on data generated by connected devices, without having to manage any infrastructure.

Q: What does AWS IoT offer?

Connectivity between devices and the AWS cloud. First, with AWS IoT you can communicate with connected devices securely, with low latency and with low overhead. The communication can scale to as many devices as you want. The AWS IoT service supports standard communication protocols (HTTP, MQTT, and WebSockets are supported currently). Communication is secured using TLS.

Processing data sent from connected devices. Secondly, with AWS IoT you can continuously ingest, filter, transform, and route the data streamed from connected devices. You can take actions based on the data and route it for further processing and analytics.

Application interaction with connected devices. Finally, the AWS IoT service accelerates IoT application development. It serves as an easy-to-use interface for applications running in the cloud and on mobile devices to access data sent from connected devices, and to send data and commands back to the devices.

Q: How does AWS IoT work?

Connected devices, such as sensors, actuators, embedded devices, smart appliances, and wearable devices, connect to AWS IoT over HTTPS, WebSockets, or secure MQTT. Included in AWS IoT is a Device Gateway that allows secure, low-latency, low-overhead, bi-directional communication between connected devices and your cloud and mobile applications.

The AWS IoT service also contains a Rules Engine, which enables continuous processing of data sent by connected devices. You can configure rules to filter and transform the data. You can also configure rules to route the data to other AWS services such as DynamoDB, Kinesis, Lambda, SNS, SQS, CloudWatch, and Elasticsearch Service with built-in Kibana integration, as well as to non-AWS services via Lambda, for further processing, storage, or analytics.

There is also a Device Registry where you can register and keep track of devices connected to AWS IoT, or devices that may connect in the future.

Device Shadows in the AWS IoT service enable cloud and mobile applications to query data sent from devices and send commands to devices, using a simple REST API, while letting AWS IoT handle the underlying communication with the devices. The shadows accelerate application development by providing a uniform interface to devices, even when they use one of the several IoT communication and security protocols with which the applications may not be compatible. Shadows also accelerate application development by providing an always-available interface to devices, even when the connected devices are constrained by intermittent connectivity, limited bandwidth, limited computing ability, or limited power.

Communication with AWS IoT is secure. The service requires all of its clients (connected devices, server applications, mobile applications, or human users) to use strong authentication (X.509 certificates, AWS IAM credentials, or 3rd party authentication via AWS Cognito). All communication is encrypted. AWS IoT also offers fine-grained authorization to isolate and secure communication among authenticated clients.
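The fine-grained authorization described above is expressed as AWS IoT policies attached to a client's identity. As an added example (not part of the tutorial's code), the Python below builds a policy that confines a registered thing to its own client ID and topics, and audits policies for wildcard grants; the account ID, region, topic layout and function names are assumptions.

```python
# Added example: constructed policies; the account ID, region and topic names are placeholders.
ARN = "arn:aws:iot:us-east-1:123456789012"
THING = "${iot:Connection.Thing.ThingName}"  # AWS IoT policy variable

def device_policy(topic_root):
    """Policy letting a registered thing connect as itself and use only its own topics."""
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Allow", "Action": "iot:Connect",
             "Resource": f"{ARN}:client/{THING}"},
            {"Effect": "Allow", "Action": "iot:Publish",
             "Resource": f"{ARN}:topic/{topic_root}/{THING}/telemetry"},
            {"Effect": "Allow", "Action": "iot:Subscribe",
             "Resource": f"{ARN}:topicfilter/{topic_root}/{THING}/commands"},
            {"Effect": "Allow", "Action": "iot:Receive",
             "Resource": f"{ARN}:topic/{topic_root}/{THING}/commands"},
        ],
    }

BROAD_POLICY = {  # the pattern to avoid: any client ID, any topic, any action
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": "iot:*", "Resource": "*"}],
}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def audit_iot_policy(policy):
    """Return (statement index, issue, value) for wildcards in Allow statements."""
    findings = []
    for idx, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        for action in _as_list(stmt.get("Action", [])):
            if "*" in action:
                findings.append((idx, "wildcard-action", action))
        for res in _as_list(stmt.get("Resource", [])):
            # Sixth ARN field is "client/<id>", "topic/<name>" or "topicfilter/<filter>".
            if "*" in res.split(":", 5)[-1]:
                findings.append((idx, "wildcard-resource", res))
    return findings
```
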

Similar to other AWS services, users can access AWS IoT via the AWS Management Console and the CLI. Applications can access AWS IoT easily with the AWS SDKs available for several programming languages. AWS IoT further simplifies development and operations of IoT applications by integrating with Amazon CloudWatch.

This tutorial uses a Python script to simulate devices, and that script is built using the AWS IoT SDK for Python.

Q: Which AWS regions is AWS IoT service available in?

AWS IoT is currently available in the following AWS regions, which are therefore the regions that support this tutorial:

• US East (N. Virginia)
• US West (Oregon)
• EU (Ireland)
• EU (Frankfurt)
• Asia Pacific (Sydney)
• Asia Pacific (Seoul)
• Asia Pacific (Tokyo)
• Asia Pacific (Singapore)

You can use AWS IoT regardless of your geographic location, as long as you have access to one of the above AWS regions.

Q: What communication and authentication protocols does AWS IoT support?

For control plane operations, AWS IoT supports HTTPS. For data plane operations, AWS IoT supports HTTPS, WebSockets, and secure MQTT – a protocol often used in IoT scenarios. HTTPS and WebSockets requests sent to AWS IoT are authenticated using AWS IAM or AWS Cognito, both of which support AWS SigV4 authentication. If you are using the AWS SDKs or the AWS CLI, SigV4 authentication is taken care of for you under the hood. HTTPS requests can also be authenticated using X.509 certificates. MQTT messages to AWS IoT are authenticated using X.509 certificates.

With AWS IoT you can use AWS IoT generated certificates, as well as those signed by your preferred Certificate Authority (CA).

Q: Can devices that are NOT directly connected to the Internet access AWS IoT?

Yes, via a physical hub. Devices connected to a private IP network and devices using non-IP radio protocols such as ZigBee or Bluetooth LE can access AWS IoT as long as they have a physical hub as an intermediary between them and AWS IoT for communication and security.

In our implementation guide, we will deploy an EC2 instance that acts as the "hub". A Python script will simulate things connecting via this hub.

Q: How much will the AWS resources in my IoT application cost?

All of the resources created in this tutorial use services eligible for the AWS free tier, meaning you will not incur any cost (assuming you have not already consumed your available free tier allotment). If you are already running a t2.micro Linux instance (and therefore are already consuming your free tier allotment for EC2), the hourly cost would be $0.013 if you use the us-east-1 or us-west-2 region. This tutorial takes approximately 1 hour to complete.
