Before using the btibAWS IoT you must first have an AWS account, follow this link to do so: https://aws.amazon.com/premiumsupport/knowledge-center/create-and-activate-aws-account/

Setup API Key

---

Niagara needs an api key to access AWS IoT Services and manage devices:

1. Go to the IAM page on the AWS console.
   
   
   
   
   
2. Then Users
   
   
   
   
   
3. Click Add User button
   
   
   
   
   
4. Give your username, then click next.
   
   
   
   
   
5. Then Attach policies directly, Then hit Create policy. A new tab will open.
   
   
   
   
   
6.  Select the Iot service
   
   
   
   
   
7. Allow All IoT actions
   
   
8. Allow All resources
   
   

1. Then hit Next.
2. Give your policy a name, make sure that you have full access on the summary. finally hit Create policy
   
   
   
   
   
3. Now go back to the "Add user" page hit refresh (top right), look for your policy on the search field, select it and click Next.
   
   
   
   
4. Add tags (optional). Then hit Next
   
   
5. Finally hit Create User. 
6. Your User was successfully created. Click on View user 
   
   
   
   
7. Go in the Security credentials Tab and create an access key
   
   
   
   
   
8. Select Third-party service, check the "I understand..." checkbox and click Next
   
   
   
9. Click on Create access key
   
   
   
10. Retrieve you access keys (either copy paste your values or download the .csv file)
    
    

Setup Devices certificates

---

AWS uses Asymmetric keys for device authentication and authorization.

To create a key pair and a certificate follow these steps:

1. On services, Go to IoT Core Service
   
   
   
   
2. Then secure → Certificates
   
   
   
   
3. On the top right corner hit Create.
   
   
   
   
   
4. Then Create Certificate
   
   
   
   
   
5. Download the certificate, the public key (optional), the private key and the AWS CA certificate, 
   
   
   
   
6. Then Activate the certificate, Then hit Done.
7. Now go to Policies and hit Create
   
   
   
   
8. Give your policy a name. on action type "iot:*" . on resource ARN type "*". Then check Allow on Effect
   
   
   
   
9. Go back to certificates. Choose the certificate you created earlier.
   
   
   
   
   
10. Under Actions select Attach policy
    
    
    
    
11. Select your policy then hit Attach.
    
    
    
    
    
12. Now note down your certificate ARN, we will need it later.
    
    
    
    

Recap

---

Let's recap, after all theses steps you should have 6 things:

• The credentials csv file for AWS user that contains the client access id and secret.
• The certificate file.
• The private key file.
• The public key file (optional).
• The AWS CA key file.
• And last but not least the ARN certificate

Congrats !!! You finished the AWS setup go to next step:

Next Step

---

Step 2 Set up AWS connector for devices points and references