What’s the AWS IoT Suite Like? – A Dozen Lego Kits Mixed Together

Recently, I’ve been hearing more and more chatter about Amazon’s AWS IoT tool suite, so I decided to do a bit of research to see what they have to offer. As with most Amazon development tools, there is a ton of documentation on these tools. But of course, the useful information is spread out across countless web pages and carefully hidden amongst a sea of marketing mumbo-jumbo. Nevertheless, I was eventually able to glean some useful information.

AWS IoT is a powerful tool suite which brings nearly all the power of Amazon’s developer tools within the grasp of low powered embedded devices. Amazon provides a clear path for integrating your devices with powerful computing, machine learning, data storage, and more. Below are some of the key components which make this possible.

Authorization and Data Flow

Before data can flow from your IoT gadget to the AWS cloud, it must first be authenticated and authorized. While this may feel like an annoyance and a barrier to entry, it’s for our own good.

When developing an IoT product, it’s important that malicious actors cannot easily gain access to your system or spoof devices. AWS IoT makes use of x.509 certificates to ensure proper access.

Typically, IoT systems use MQTT message brokers to coordinate communication between data producers and consumers via a publish/subscribe interface. AWS IoT does not diverge from the norm here. In addition to MQTT, endpoints can also connect to the message broker via MQTT-over-WebSocket, or HTTP using a REST API.

Device Shadow

Because IoT devices generally rely on an Internet connection, problems can arise when devices have patchy connectivity or are taken on and off the network intermittently for some reason. Amazon attempts to solve this problem with something called a Device Shadow.

A Device Shadow (also called a Thing Shadow) is essentially an in-memory representation of your device’s state that is maintained within AWS. When a device has connectivity, it can update the Device Shadow state with current info. Then, if the device goes offline, other clients can access the shadow information to determine the last known state of the device. Clients can even write to the Device Shadow so that when the device comes back online, it can see the requested change and update its state immediately.

Rules Engine

The Rules Engine is the crucial component which allows IoT devices to tap into the power of other AWS services. This includes pushing files to S3 buckets, sending push notifications with SNS, invoking Lambda functions, sending messages to Amazon Machine Learning, writing data to a DynamoDB database, and more.

Rules are registered within the system with a few pieces of information that describe what the rule does. When a message is published to the message broker, the Rules Engine tries to match the message against an SQL statement that is specified in the registration info. If a match is detected, the engine executes the action or actions specified in the registration info.

Device Registry and Management

Like most other IoT platforms, the AWS IoT suite provides a Device Management system to assist with device onboarding, organization, monitoring, and remote management. The Device Management console is useful for managing large fleets of devices and organizing them into hierarchical structures as you choose. It looks like Amazon is planning to offer support for pushing firmware updates to devices as well but that functionality appears to still be in Beta.

Device Software

Most of the tools described above are web-based tools that are used to integrate data and services. Amazon also provides a couple of software packages to assist you in creating embedded and mobile applications to get your devices connected to AWS.

Amazon FreeRTOS

Amazon FreeRTOS is a software package built on top of the popular FreeRTOS embedded operating system. It includes ports for several hardware platforms like ST Microelectronics, Microchip, etc.

The Amazon FreeRTOS software package includes libraries to get your device securely connected to the AWS core ecosystem, manage WiFi connections, and facilitate over-the-air firmware updates.


The AWS IoT SDK is used for writing applications that interact with the Amazon IoT services, but it can be used on a much larger range of devices than Amazon FreeRTOS. The SDK supports embedded C, C++, Android, iOS, JavaScript, Python, and more. Like the Amazon FreeRTOS library, the IoT SDK is mostly used for connecting hardware to the AWS cloud.


For certain, the Amazon IoT tool suite puts a lot of power at your fingertips. The range of services that your device can integrate with is seemingly endless. Everything from simple database storage all the way up to complex machine learning algorithms can be accomplished with enough time and configuration fun.

If you’re building a complex product, this tool suite might be exactly what you’re looking for. However, if you’re hoping to find a simple turn-key solution that you can get up and running in a couple of days, the Amazon ecosystem will probably be a bit more than you want to bite off. To me, it feels like a dozen Lego kits all mixed into one big box. You can build just about anything, but in order to do so, you have to spend a lot of time sorting through pieces and searching for what you need.