DEV Community

Cristiano D. Silva
Cristiano D. Silva

Posted on

Setting up your AWS IoT Button

As a fair warning for you the reader and as a fellow engineer I’m required to tell you that this guide was based on the AWS interface of 2019 so, if you can’t find the resources or directions based on what is said here, then, very likely you will need to adjust. This guide also assumes that you have some level of knowledge on how to set up certain things on AWS.

If you are considering in setting up your AWS IoT Gen 1 button this means that you also know the potential of IoT in the next technological revolution and the sooner you learn this, the more opportunities you can open.

First things first, you need to have an AWS Console access, either as root or with a user that has enough access to configure and manage the IoT devices. As an extended help, also create an IAM programmatic user to give you access to the AWS CLI. Just like the Console user this user will need also access to the IoT resources. This CLI access is pretty handy to get some information from the IoT such as the endpoint (you will need this later).

On the Console services search bar type IoT and select IoT Core. A new page will open and here you should click on Manage and then Things.

Up to the point of creating the Policy you can follow the AWS documentation here. Just remember to download the certificate files during this process.

During the Policy creation, it will ask you to add 2 statements, one for connect and another for publishing. The connect you can keep exactly as it shows, but the publish, for now, instead of publishing to a topic, use *. You can change this later on. The goal right now is to connect and publish by all means.

After you have done this continue following the documentation until you reach the configure your device.

Now is the part that you can't find any documentation what-so-ever and all you gonna find are guides, like this, that has some reference on how this works. To make matters worse, the device that you just got didn’t come with a manual to show how to perform the steps.


Yeah, pretty much that.

Well, let's move forward from this disappointment and set up the device. Grab a few pieces of information that you will need to set up the device.

If you have installed the AWS CLI tool, run the following command:

aws iot describe-endpoint

It will throw an error asking for a region and that is because you haven’t configured the CLI yet, for that, just run this command:

aws configure

It will ask you the information from your IAM user that you created at the beginning of this guide.

Save the identifier from the URL it returned. It should have returned something in this format:

Note: This is an MQTT REST endpoint so, in theory, as long as the thing has a certificate and private key, anything can be a thing.

The next piece of information you will need is the password for your WiFi network. Grab that and have it handy. Now hold the button on your device until it shows a blue light. Just like you would do with a Bluetooth device.

It will create for you a special network with the name “ConfigureMe” in it. The password will be in uppercase letters the last 8 digits of your device serial number. That is available on both the box and the device itself.

Once it is connected go to the configuration page

Here you will:

  • Configure your WiFi network for this device
  • Attach the private key and the certificate file to this device
  • Add that that you saved before

Once all are filled, hit the save button and it will automatically disconnect the WiFi and attempt a first message publish.

If all goes well you will get a green light. If not, well, that is when things get nasty and really painful to troubleshoot since it will be up to visual interpretation. When something fails it will show a red led and if that happens, you need to read the red pattern portion of the troubleshooting that can be found here.

It will not tell you why is failing directly, but it will give you clues. Basically, it can fail on:

  • Certificate not active or invalid
  • Policy invalid or too restrictive
  • Endpoint invalid
  • WiFi not connected

It is important to remember that AWS works under the principle of denying all and most of the issues can be related to this.

Now that you have a green light, you need to find a way to see what it is publishing and the easiest way is to simply add debug logs to CloudWatch.

Congratulations your device successfully connects to AWS and publish messages.

well done

The next steps are obviously doing something with these messages, but that I will let to you.

Good luck and don’t forget to have fun and share the knowledge.

This article was originally posted at:

Top comments (0)