Provision a certificate for your device or application

Now you’ll create a thing in the AWS IoT Services console, which you’ll later associate with your LinkIt ONE board. Then you’ll associate your AWS user account credentials with the AWS IoT access keys for use in your application.

Quick steps:

  • Create an AWS user account.
  • Create a thing in the AWS IoT dashboard.
  • Generate AWS access keys, a policy and a certificate. 

Next: Create and run your first sketch on AWS IoT Kit.


The AWS IoT Services Developer Guide suggests several different ways to create and configure certificates for use in device recognition and communication with AWS IoT server and its services:

  1. AWS IoT Console.
  2. AWS IoT CLI.
  3. AWS IoT SDKs.
  4. AWS IoT API.
  5. AWS IoT Thing SDK for C.

This guide uses AWS IoT console. The process is described in detail in the AWS IoT Developer Guide, the following is a summary with links to the details in the developer guide if needed.

Step 1 — Create an AWS user account

  1. Create an AWS user account.
  2. Follow the instructions here to create your access key ID and secret access key.

Step 2 — Create a thing

  1. Open the AWS IoT console.
  2. If this is your first visit to the console click the get started buttons, else click Resources in the header. Then click Create a resource, as shown below.

  3. Click Create a thing.

  4. Provide a unique Name to represent your device in the cloud. Please make a note of the thing’s name, you’ll configure your software using this name.

  5. Click Create to create and save the thing.
  6. View the details of your newly created thing by clicking View Thing.

  7. Make a note of the region the device operates on, as shown below. This will be used later in the software implementation.

Step 3 — Create a custom policy and attach it to your newly created thing

The process of creating and registering a certificate with AWS IoT is called provisioning. Once a certificate is provisioned and activated it can be installed on the LinkIt ONE board you want to send requests to AWS IoT. Authorization is controlled by JSON policy files that enable you to specify which resources a specific device (certificate) may access. Authorization is done using an IoT policy to determine what IoT operations the owner of the certificate can perform, see “Create and attach an AWS IoT Policy to Your Certificate policy” in the AWS IoT Developer Guide. To complete this step, see “Provision a Certificate” in the AWS IoT Developer Guide. Use the following approach to create and activate a certificate with AWS IoT key pair provided.

  1. On the Detail menu associated with the newly created thing, click Connect a device.
  2. From the list of supported SDKs, select Embedded C

  3. Click Generate Certificate and Policy

  4. Follow the instructions and download the files for the Private Key and Certificate to your local drive. You can rename the files if you wish. 

  5. Click Confirm and Start Connecting.
  6. Now activate and associate the certificates with the thing and the policy.
    1. Select the certificate, and then click Actions, as shown below. 

    2. Click Attach a policy. Follow the instructions on the screen and confirm the actions.
    3. Click Activate to finalize the process.
    4. Repeat the process to attach a thing.

You’ve now successfully created an AWS thing and associated with your AWS account credentials. You can now use the key and the certificate to program your application. 

Next: Create and run your first sketch on AWS IoT Kit.