# AWS IoT Core

Easily and securely connect devices to [**AWS IoT Core**](https://aws.amazon.com/iot-core/). AWS IoT Core transmits and receives messages over MQTT, a lightweight IoT messaging protocol. This tutorial explains how to set up AWS IoT Core and start sending IoT data from a Raspberry Pi connected over cellular.

<figure><img src="https://3922449203-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M0mPxGpottOEfcucXOR%2Fuploads%2FAKlxcWhjujLWLbopxgYa%2FAWS%20Monogoto%202.png?alt=media&#x26;token=8e8d7a07-9c41-498f-ae8a-9cbc4a0fa1cc" alt=""><figcaption></figcaption></figure>

### Quick Navigation

* [Create a Thing in AWS](#create-a-thing-in-aws)
* [Connect your device to AWS IoT Core](#connect-your-device-to-aws-iot-core)
* [Create your python script](#create-your-python-script)

### Prerequisites

* [AWS account](https://console.aws.amazon.com/)
* Monogoto SIM
* Raspberry Pi 3 or 4

## Create a Thing in AWS

Start by visiting the [**AWS portal**](https://console.aws.amazon.com/console/home).

Search for the **IoT Core** service.

<figure><img src="https://3922449203-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M0mPxGpottOEfcucXOR%2Fuploads%2Fflc4YfToqVzQZVZ8sKKO%2FAWS%20IoT%20Core.png?alt=media&#x26;token=6d0858fc-5116-4f6c-8b69-204812770f7b" alt=""><figcaption></figcaption></figure>

In the left side menu, navigate to **Manage > All devices > Things**.

Click the button **Create Things** to create your digital Thing.

<figure><img src="https://3922449203-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M0mPxGpottOEfcucXOR%2Fuploads%2F5yknY5edejUXDy1OhaM2%2Fcreate%20thing.png?alt=media&#x26;token=582f34da-7472-4d42-ad4e-d1557bcd9544" alt=""><figcaption></figcaption></figure>

**Name your thing**, e.g. <mark style="color:red;">`mqtt-thing`</mark>

<figure><img src="https://3922449203-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M0mPxGpottOEfcucXOR%2Fuploads%2FYT2MIef3gVitBNHJU9Qo%2Fcreate%20thing%203.png?alt=media&#x26;token=f6437ea4-e385-44b8-88e0-4cff5d42b5a3" alt=""><figcaption></figcaption></figure>

Select **Auto-generate a new certificate**

<figure><img src="https://3922449203-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M0mPxGpottOEfcucXOR%2Fuploads%2FJWfbCIV0BQfu4Lvqkev5%2Fcreate%20thing%204.png?alt=media&#x26;token=d979a778-baa4-4a42-9505-956f54ae6012" alt=""><figcaption></figcaption></figure>

Attach an existing policy, or create a new one by clicking “**Create policy**”

<figure><img src="https://3922449203-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M0mPxGpottOEfcucXOR%2Fuploads%2Fm2cYdNRsIALX2uJpeOc7%2Fcreate%20thing%205.png?alt=media&#x26;token=a713a0a8-365d-491d-8921-5d4bd23b9d3e" alt=""><figcaption></figcaption></figure>

When creating a new policy, add 4 statements allowing the Thing to **Connect**, **Publish**, **Receive** and **Subscribe**. Under Policy resource, add an asterisk <mark style="color:red;">`*`</mark> so that each statement applies to all resources, including every client ID and topic name.

```
Policy effect    Policy action    Policy resource
Allow            iot:Connect      *  
Allow            iot:Publish      *   
Allow            iot:Receive      *  
Allow            iot:Subscribe    * 
```

<figure><img src="https://3922449203-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M0mPxGpottOEfcucXOR%2Fuploads%2FcAynuAWYTfMsy89xEQ1C%2Fcreate%20thing%206.png?alt=media&#x26;token=ecf1cd91-5fa3-4a03-8332-d08ab3c0e3a8" alt=""><figcaption></figcaption></figure>

{% hint style="warning" %}
When using AWS IoT Core in production, restrict the Policy resource to specific topics to increase the security of your application.
{% endhint %}
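
One way to build the restricted policy that the warning above calls for, as an added example (not part of the original tutorial and not AWS's own code). It assumes the `basicPubSub` client ID and `device/RPI` topic used in the script later in this tutorial; the region and account ID are placeholders, and `allows` is a simplified matcher written for this illustration, not AWS's policy evaluation.

```python
import json
import re

# Assumed placeholders: substitute your own region and 12-digit account ID.
REGION = "eu-west-1"
ACCOUNT_ID = "123456789012"

def scoped_policy(client_id, topic, region=REGION, account_id=ACCOUNT_ID):
    """Return an AWS IoT policy limited to one client ID and one topic."""
    arn = "arn:aws:iot:{}:{}:".format(region, account_id)

    def allow(action, resource):
        return {"Effect": "Allow", "Action": action, "Resource": arn + resource}

    return {
        "Version": "2012-10-17",
        "Statement": [
            allow("iot:Connect", "client/" + client_id),
            allow("iot:Publish", "topic/" + topic),
            allow("iot:Receive", "topic/" + topic),
            # Subscribe is authorized against a topic *filter*, not a topic.
            allow("iot:Subscribe", "topicfilter/" + topic),
        ],
    }

def allows(policy, action, resource_arn):
    """Simplified check (hypothetical helper): does an Allow statement match?
    Only the '*' wildcard is modelled; Deny and policy variables are not."""
    for stmt in policy["Statement"]:
        pattern = ".*".join(re.escape(p) for p in stmt["Resource"].split("*"))
        if (stmt["Effect"] == "Allow" and stmt["Action"] == action
                and re.fullmatch(pattern, resource_arn)):
            return True
    return False

# The tutorial's wildcard policy, for comparison.
WILDCARD = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": a, "Resource": "*"}
    for a in ("iot:Connect", "iot:Publish", "iot:Receive", "iot:Subscribe")]}

SCOPED = scoped_policy("basicPubSub", "device/RPI")
OTHER_TOPIC = "arn:aws:iot:{}:{}:topic/other/device".format(REGION, ACCOUNT_ID)

if __name__ == "__main__":
    print(json.dumps(SCOPED, indent=2))  # policy document in JSON form
    print("wildcard publishes elsewhere:", allows(WILDCARD, "iot:Publish", OTHER_TOPIC))
    print("scoped publishes elsewhere:", allows(SCOPED, "iot:Publish", OTHER_TOPIC))
```

With the scoped policy attached, a device whose certificate is copied elsewhere can still only connect as `basicPubSub` and use `device/RPI`, rather than any client ID and any topic in the account.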

#### **Download all keys and CA files**

Download and store the **Device certificate**, **Private key file** and **Amazon Root CA 1** in a directory called <mark style="color:red;">`certs`</mark>. Make sure to name the files properly as described in the table below.

| **Device certificate** | device.pem.crt    |
| ---------------------- | ----------------- |
| **Private key file**   | private.pem.key   |
| **Amazon Root CA 1**   | AmazonRootCA1.pem |

<figure><img src="https://3922449203-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M0mPxGpottOEfcucXOR%2Fuploads%2FJRaBy09wwzb51qOJRyfW%2Fcreate%20thing%207.png?alt=media&#x26;token=7708ac87-324c-4fa0-9482-ecbabb387717" alt=""><figcaption></figcaption></figure>

## Connect your device to AWS IoT Core

*This section explains how to run a Python script on a Raspberry Pi connected to Monogoto. For more information on how to connect the Raspberry Pi to Monogoto, see* [*this tutorial*](https://docs.monogoto.io/getting-started/general-device-configurations/raspberry-pi)*.*

**Access the Raspberry Pi** over ssh or by connecting a screen and keyboard

**Install the required libraries**

Before you install an AWS IoT Device SDK, run these commands in a terminal window on your Linux device to install the required libraries.

```bash
sudo apt-get install cmake
```

```bash
sudo apt-get install libssl-dev
```

Install the **AWS IoT Device SDK** for Python and download the sample apps to your device.

```bash
cd ~
pip3 install awsiotsdk
pip3 install AWSIoTPythonSDK
```

**Add certificates to the Raspberry Pi**

Add the **Device certificate**, **Private key file** and **Amazon Root CA 1** to a folder called <mark style="color:red;">`certs`</mark>.

```
cd ~
mkdir certs
```

{% hint style="info" %}
If you downloaded the certificates to a different machine, copy them to the Raspberry Pi using the command below: <mark style="color:red;">`scp -r ~/certs pi@<ip address>:~/`</mark>
{% endhint %}

## Create your python script

#### Create a new file called <mark style="color:red;">`publish.py`</mark> containing the below script

{% code lineNumbers="true" %}

```python
# publish.py

# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
# SPDX-License-Identifier: MIT-0

import time as t
import json
import AWSIoTPythonSDK.MQTTLib as AWSIoTPyMQTT

# Define ENDPOINT, CLIENT_ID, PATH_TO_CERTIFICATE, PATH_TO_PRIVATE_KEY, PATH_TO_AMAZON_ROOT_CA_1, MESSAGE, TOPIC, and RANGE
ENDPOINT = "<your AWS endpoint>"
CLIENT_ID = "basicPubSub"
PATH_TO_CERTIFICATE = "/home/pi/certs/device.pem.crt"
PATH_TO_PRIVATE_KEY = "/home/pi/certs/private.pem.key"
PATH_TO_AMAZON_ROOT_CA_1 = "/home/pi/certs/AmazonRootCA1.pem"

MESSAGE = "hello world"
TOPIC = "device/RPI"
RANGE = 3

myAWSIoTMQTTClient = AWSIoTPyMQTT.AWSIoTMQTTClient(CLIENT_ID)
myAWSIoTMQTTClient.configureEndpoint(ENDPOINT, 8883)
myAWSIoTMQTTClient.configureCredentials(PATH_TO_AMAZON_ROOT_CA_1, PATH_TO_PRIVATE_KEY, PATH_TO_CERTIFICATE)

myAWSIoTMQTTClient.connect()
print('Begin Publish')
for i in range(RANGE):
    data = "{} [{}]".format(MESSAGE, i+1)
    message = {"message" : data}
    myAWSIoTMQTTClient.publish(TOPIC, json.dumps(message), 1)
    print("Published: '" + json.dumps(message) + "' to the topic: " + TOPIC)
    t.sleep(0.1)
print('Publish End')
myAWSIoTMQTTClient.disconnect()
```

{% endcode %}

In the <mark style="color:red;">`publish.py`</mark> file (line 11), replace <mark style="color:red;">`<your AWS endpoint>`</mark> with your **AWS endpoint**.

{% hint style="info" %}
**To find your AWS endpoint**, go to the [AWS IoT console](https://console.aws.amazon.com/iot/home), near the bottom of the navigation pane, choose **Settings**.

In the **Settings** page you will find the **Endpoint**, which is unique to your AWS account and looks something like: <mark style="color:red;">`abcdef1234567-ats.iot.eu-west-1.amazonaws.com`</mark>.
{% endhint %}

<figure><img src="https://3922449203-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M0mPxGpottOEfcucXOR%2Fuploads%2FQSWGwMvHY4diHseQmqEh%2Fendpoint%20highlight%202.png?alt=media&#x26;token=92032a49-67d6-4a7a-b9df-a5c95ff26e50" alt=""><figcaption></figcaption></figure>

In the AWS IoT Portal, open the **MQTT test client** and subscribe to the topic **device/RPI**

<figure><img src="https://3922449203-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M0mPxGpottOEfcucXOR%2Fuploads%2FglefMvamPg5UMUWIDIxz%2Fsubscribe.png?alt=media&#x26;token=d2feb36a-63fe-44bf-bdd6-d061f4e848e2" alt=""><figcaption></figcaption></figure>

**Go back to your Raspberry Pi** and run the <mark style="color:red;">`publish.py`</mark> script using the command:

```bash
python3 publish.py
```

Expected response

```bash
Begin Publish
Published: '{"message": "hello world [1]"}' to the topic: device/RPI
Published: '{"message": "hello world [2]"}' to the topic: device/RPI
Published: '{"message": "hello world [3]"}' to the topic: device/RPI
Publish End
```

When looking at the MQTT test client in AWS IoT Core, you can see the messages:

<figure><img src="https://3922449203-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M0mPxGpottOEfcucXOR%2Fuploads%2F2FbtinOdxzbx56BlAQtk%2Fsubscribe%20data.png?alt=media&#x26;token=8dd566b1-5c84-44e9-a23d-f894bf528fab" alt=""><figcaption></figcaption></figure>

{% hint style="success" %}
**Congratulations!** You’ve successfully sent data from a Raspberry Pi connected to Monogoto to AWS IoT Core using the MQTT protocol.
{% endhint %}

### Next steps

* **Trigger actions using Lambdas** - [learn more](https://docs.aws.amazon.com/iot/latest/developerguide/iot-sql-functions.html#iot-func-aws-lambda)
* **Store data in DynamoDB** - [learn more](https://docs.aws.amazon.com/iot/latest/developerguide/iot-ddb-rule.html)
