Guide to AWS IoT Core Features

The IoT (Internet of Things) is a system of small, interrelated computing devices. These devices usually have various types of sensors attached to them and contain a unit that can connect to the internet & transfer the recorded information over a network without requiring human-to-human or human-to-computer interaction.

Today, IoT is applicable in a lot of industries & billions of IoT devices are already in use. These devices usually send information over the network quite frequently so that the server can record it & take some action on the data.

AWS IoT Core is a service that handles all this data & allows us to take the desired action on it. Today we are going to touch on some basic concepts of AWS IoT without going much deeper:

AWS IoT Core:

AWS IoT Core is a cloud-based managed service through which IoT devices can communicate with web & mobile clients. IoT Core can support billions of devices & trillions of messages sent by those devices.

AWS IoT Core can process those messages & send them to the defined devices or endpoints securely. The main feature of AWS IoT Core is that it can communicate with all the IoT devices even when they are not connected. It does that by creating a device shadow, which we will discuss later.

With the help of AWS IoT Core, we can easily use AWS services like Amazon Kinesis, Amazon S3, AWS Lambda, Amazon QuickSight, Amazon CloudWatch, Amazon SageMaker, AWS CloudTrail, and Amazon DynamoDB, to build IoT applications that gather data, process data, analyze data and act on data generated by connected devices, without having to manage any server infrastructure.

Communication in AWS IoT is two-way: the device can send data to the server & the server can also send data to IoT devices. Data sent by the server to devices can be simple on/off instructions, restart instructions, firmware update instructions, etc.

Features of AWS IoT Core


1. Security: 

All the messages sent to IoT Core are secured using security certificates. AWS IoT Core makes sure that all communications are completely secure, whether the information is in transit or stored at rest. Data is never exchanged between devices and AWS IoT Core without authentication.

Apart from this, IoT Core also allows us to define policies. Policies give much more granular control over security. Using policies, we can control which IoT device has what level of permissions. AWS IoT also has 'Device Defender' to run security audits & to monitor device fleet activity.

2. MQTT: 

Communication between IoT devices & AWS IoT Core is usually done over MQTT. It is an extremely lightweight messaging protocol used worldwide for machine-to-machine connectivity. MQTT is useful for connections with remote locations where a small code footprint is required and/or network bandwidth is limited. It is basically pub/sub based: messages are published on a topic & received by the topic's subscribers.

AWS IoT uses this & all communication will be done over MQTT. Also, AWS IoT has a message broker, which allows it to communicate with end devices & vice versa. The message broker lets new clients connect & maintains the sessions of connected clients. It also keeps track of all the topics & the messages published on each topic.

Once the message broker receives a message on a topic, it checks the list of sessions & subscriptions and forwards the message to all the sessions of connected clients that are subscribed to this topic.

3. Jobs: 

AWS IoT allows us to define a set of remote operations called jobs that are sent to and executed on devices connected to AWS IoT. Using IoT jobs, we can send files to the end devices or update the device firmware version using over-the-air (OTA) updates. We have to put the updated file in S3 & select the things or the group of things that need to be updated.

To create a job, we first have to create a job document. The job document is a JSON document that defines what remote operation needs to be performed by the remote device. The job document contains the URLs from which files should be downloaded & usually this document is stored in an Amazon S3 bucket. But it can also be passed inline with the command that creates the job. Once a device performs the assigned task, it reports back to the server regarding the progress.
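
A device-side check for the job flow described above, as an added example that is not from the original article: before applying a downloaded file, the device confirms that the URL in the job document is HTTPS, points at an expected host, and that the file matches a SHA-256 digest carried in the document. The job document schema (operation, files, url, sha256), the bucket host and the firmware bytes are assumptions constructed for this example; SUCCEEDED and FAILED are job execution statuses a device reports back.

```python
import hashlib
import json
from urllib.parse import urlparse

FIRMWARE = b"constructed firmware image v1.2.0"  # stands in for the downloaded file

# Constructed job document. The field names are this example's own schema and
# the bucket host is a placeholder.
JOB_DOCUMENT = json.dumps({
    "operation": "firmware_update",
    "files": [{
        "url": "https://example-firmware-bucket.s3.amazonaws.com/bulb/v1.2.0.bin",
        "sha256": hashlib.sha256(FIRMWARE).hexdigest(),
    }],
})

ALLOWED_HOSTS = {"example-firmware-bucket.s3.amazonaws.com"}

def check_job_file(entry, downloaded_bytes):
    """Return (ok, reason) for one file entry of the job document."""
    url = urlparse(entry.get("url", ""))
    if url.scheme != "https":
        return False, "download URL is not HTTPS"
    if url.hostname not in ALLOWED_HOSTS:
        return False, "download host is not on the allow-list"
    digest = hashlib.sha256(downloaded_bytes).hexdigest()
    if digest != entry.get("sha256"):
        return False, "SHA-256 mismatch"
    return True, "ok"

def process_job(document, downloaded_bytes):
    """Validate every file in the job and return the status to report back."""
    job = json.loads(document)
    for entry in job.get("files", []):
        ok, reason = check_job_file(entry, downloaded_bytes)
        if not ok:
            return {"status": "FAILED", "reason": reason}
    return {"status": "SUCCEEDED", "reason": "all files verified"}
```

A digest inside the job document only protects the file if the document itself is trusted, so job creation should be restricted to a small set of principals.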

4. Things:  

To let an IoT device communicate with IoT Core, we first have to onboard the device. Each device in AWS IoT is represented as a thing. It can be a physical device like a light bulb with a sensor, a door lock, etc. Things do not always need to be connected to a device. You can connect a thing to your computer or a simulator as well. Things are identified by a name. Things can also have attributes in the form of key-value pairs.

When you have thousands of IoT devices, it might be hard to keep track of them all on the server. AWS things make this very manageable. You can search for things & group things. You can also define thing types & create thing groups with types. Thing types & thing groups are optional to create, but if created, they help in better organization & discovery of things.

5. Device Shadow: 

AWS IoT allows web, mobile or any other clients to communicate with IoT devices even when they are offline. It does that by creating a shadow of the device in the cloud, which always keeps the latest state of the device. It stores all this information in the form of a JSON document.

For example, if we have a light bulb device that has states 'on' or 'off', then AWS IoT will create a shadow of it in the cloud, which will keep the latest state of the bulb. If the bulb sends data to the server & is then disconnected for some reason, we still have its last state stored in the shadow of the device in the cloud & all other clients (web or mobile) can still communicate with the device shadow without knowing that the device is now offline.

Once the device is available again, the most recent state will be synced with the device shadow automatically.   
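
The light bulb's shadow as a worked example, added here and not part of the original article: the shadow JSON document keeps the state clients asked for under `state.desired` and the state the device last sent under `state.reported`, plus a `version` that increases with every update. The sketch computes locally, in simplified form, the difference a reconnecting device has to apply and ignores a document that is not newer than the one it already handled. The field values are constructed sample data.

```python
import json

# Constructed shadow document for the light bulb; values are sample data.
SHADOW = json.loads("""
{"state": {"desired":  {"power": "on",  "brightness": 80, "schedule": {"wake": "07:00"}},
           "reported": {"power": "off", "brightness": 80, "schedule": {"wake": "06:30"}}},
 "version": 12}
""")

def shadow_delta(desired, reported):
    """Fields of `desired` that are missing from or differ in `reported` (recursive)."""
    delta = {}
    for key, want in desired.items():
        have = reported.get(key)
        if isinstance(want, dict) and isinstance(have, dict):
            nested = shadow_delta(want, have)
            if nested:
                delta[key] = nested
        elif want != have:
            delta[key] = want
    return delta

def on_reconnect(shadow, last_seen_version):
    """Device-side sync: skip stale documents, otherwise return the changes to apply."""
    if shadow["version"] <= last_seen_version:
        return {}  # out-of-order or replayed document, nothing to do
    state = shadow["state"]
    return shadow_delta(state.get("desired", {}), state.get("reported", {}))
```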

6. Rules & Actions: 

We can have multiple devices that keep sending data to AWS IoT. Not all of this data may be relevant for our purpose. To filter only the required data, AWS IoT allows us to create rules.

Using rules, we can filter data & take action on it as per our requirement. Actions can be anything from calling a Lambda function, storing to S3 or DynamoDB, sending an SNS notification, etc.


To apply a rule, AWS lets us write a rule query statement. This is written in an SQL-like query language, as shown in the diagram below.

For example: SELECT temperature FROM 'IoT/topic' WHERE temperature > 30. To learn more, see AWS IoT SQL Reference.


Once the rules are applied & the data is selected, we can define actions on this data.

The following actions are supported up to now:

  • Elasticsearch: it is used to write data to an Amazon Elasticsearch Service domain.
  • Kinesis: it is used to write data to a Kinesis stream.
  • CloudWatch alarm: it is used to change a CloudWatch alarm.
  • CloudWatch metric: it is used to capture a CloudWatch metric.
  • Lambda: it is used to invoke a Lambda function.
  • Firehose: it is used to write data to an Amazon Kinesis Data Firehose stream.
  • IoT analytics: it is used to send data to an AWS IoT Analytics channel.
  • IoT events: it is used to send data to an AWS IoT Events input.
  • Republish: it is used to republish the message on another MQTT topic.
  • S3: it is used to write data to an Amazon S3 bucket.
  • Salesforce: it is used to write a message to a Salesforce IoT input stream.
  • SQS: it is used to write data to an SQS queue.
  • SNS: it is used to write data as a push notification.
  • stepFunctions: it is used to start the execution of a Step Functions state machine.
  • DynamoDB: it is used to write data to a DynamoDB database.
  • dynamoDBv2: it is used to write data to a DynamoDB database.

AWS also provides an SDK, which helps users to connect IoT devices easily & quickly via code. Each of the things, thing types, device shadows, rules, etc. has a unique ARN of the Lambda function, using which we can easily communicate with AWS IoT Core to create new things, update device shadows, create new rules, add actions to rules, etc.

The AWS SDK is open source & has good documentation and a lot of examples available. We can choose the SDK in the language of our choice.


AWS IoT really provides a strong cloud-based foundation to convert innovative ideas into reality. It is very scalable & can handle billions of connections & process the messages received over those connections. It provides secure & reliable communications on all ends. It also allows OTA updates for firmware & is highly flexible. It also allows us to integrate various other services (like AWS Lambda, SNS, DynamoDB, S3, etc.) with AWS IoT & makes it quite simple for users to handle everything. We also have SDKs available in various languages to use AWS IoT with our code.