To enhance the ability of solution developers to create differentiated IoT applications that can scale to large numbers, Amazon Web Services created the AWS IoT solution. AWS provides security certificates for each IoT device (gateway) and a specific "shadow" that will reflect the current state of the device. This AWS shadow can be combined with a host of other available AWS tools for data integration, storage, notifications, etc.

In order to assist our customers that wish to leverage the power of the AWS solution, but have not created resources to configure and manage the shadow and IoT device infrastructure, EdgeIQ has developed a solution that can be combined with AWS to speed development. Using either EdgeIQ RESTful API’s or our device management solution EdgeIQ Portal, developers can use EdgeIQ to quickly configure and manage the resources and quickly start leveraging the power of the AWS IoT shadow.

EdgeIQ is working with AWS through the APN to bring this combined solution to the market leveraging the strengths of both companies and bringing an industry-leading solution to market.

Key features of the EdgeIQ/AWS IoT Integration

  • Simplified AWS Shadow and Device Creation: EdgeIQ’s EdgeIQ Portal will set up the necessary resources on AWS IoT to interface to your device
  • Configuration of EdgeIQ Edge: The EdgeIQ Portal will update the configuration on the device/gateway with the required certificates and URLs to enable posting to AWS
  • Setup of rules to enable reporting of information to the appropriate AWS Shadow
  • Ability to manage your devices and change configurations as required
  • Automate the installation and configuration of AWS Greengrass Core software (V1 or V2) on your Edge Device (optional)

Using EdgeIQ to create/configure/manage an AWS IoT Gateway

Step 1 – Integrate EdgeIQ Edge

The EdgeIQ Edge solution is designed to operate on a wide variety of embedded Linux solutions. Edge provides a wide variety of services including those which assist with AWS IoT integration. Included in those services are data ingestion, device management, data management, local rules and events, local RESTful APIs, and various communications tools to communicate with AWS IoT.

Leveraging a very small footprint GO language solution, EdgeIQ Edge can be installed as a service on most small footprint Linux architectures. A wide variety of architects are supported and EdgeIQ can assist in the efforts necessary for integrating our Edge solution.

EdgeIQ Edge Gateways can be configured to allow data flow from the AWS IoT platform directly. Once configured, the user can utilize AWS IoT tools (Web UI, CLI) or publish directly to the AWS MQTT server to control the data on the Edge Gateway.

Step 2 – Create an AWS IoT integration within the EdgeIQ Portal

In order to allow the EdgeIQ Portal to manage IoT, Greengrass, and Lambda services, you'll need to create an assumed role in your AWS IAM. You can use this CloudFormation template EdgeIQ AWS IoT Integration Cloud Formation Template V2 to create the role, then use the new assume role's ARN and External ID to create a new AWS Integration. This template supports all use cases: AWS IoT only, AWS IoT + Greengrass V1, and AWS IoT + Greengrass V2.

Legacy only: In case you need to reconfigure an existing setup based on Greengrass V1, you can use the following template: EdgeIQ AWS IoT Integration Cloud Formation Template V1

More detailed steps on how to create an AWS IoT integration within the EdgeIQ portal can be found here: Configure AWS IoT Core Integration

Step 3 – Create a Device Type for your device if it does not already exist in your account

When new devices or gateways are added to EdgeIQ Portal, it is important for the system to know the model (Device Type) of the unit being added. This data is used to configure Edge to understand that the device will be an AWS-enabled unit. This activity is typically a one-time activity that can be done using RESTful APIs within the EdgeIQ service or can be pre-configured for your EdgeIQ Portal account.

Step 4 – Create an AWS Gateway Device

Each device that will report into the AWS Shadow resource will need to be created within EdgeIQ Edge to enable the software to support AWS reporting. This process will create the ‘thing’ resource that represents this device in AWS IoT. As part of this process the system will:

  • Generate the SSL Certificate and default policy
  • Attach the policy to the certificate
  • Attach the certificate to the ‘thing’ resource

If Greengrass is selected, the system will additionally:

  • Create a Greengrass Group and Core
  • Assign the 'thing' resource to the Core
  • Edge will download, install, and configure the AWS Greengrass Core daemon on the Gateway Device

Once this process is completed, all the necessary elements have been created to enable your device to report into the AWS shadow. Reporting specific elements or values to your shadow is managed by the local Edge Rules service.

Adding Devices to your Shadow and Gateway

EdgeIQ and its Edge solution have the concept of an "attached device". You can think of this as a device that is connected to your gateway. It might be a sensor, an actuator, or a piece of monitored equipment. Using EdgeIQ Portal, you can easily manage those and also create AWS IoT resources for those elements. This is done in a similar way to creating the gateway device.

Attached devices do not need to run the EdgeIQ Edge solution. They only need to connect to the gateway using a wide variety of physical and network protocols. Various tools are available to assist with this integration within Edge.

In order to create the AWS IoT Integration for the attached devices, follow these steps:

Step 1 – Create a Device Type for the attached device.

Similar to the step completed above, Edge must know basic information about the device in order to manage communications with that device. One of the main differences in this device type will be the concept of Ingestors, Commands, and Translators. Edge has a variety of configurable options that can be used for this integration including pre-built configurations.

Step 2 – Create a Device record for the attached device.

Using the method described previously, you will need to define the elements to be reported to AWS.

After completing this step, all the necessary certificates will be loaded into the Edge solution to allow for those attached devices to be visible within the AWS IoT service.

Using Local Rules to Control Data Flow to AWS IoT

Once your devices have been defined, you can use EdgeIQ Portal to configure your gateways to relay only specific elements of data to your AWS Cloud. A wide variety of conditions can be defined (logical, value changed, value-based, etc.). Using these rules you can manage the amount of data being relayed to AWS from your Edge device. There is no coding required by the developer to enable this management.

Viewing your Resources on AWS Shadow

Once you have created your devices and linked them to your AWS account, information from your sources will be synced to AWS IoT based on the rule conditions that have been defined for your reports. You are able to login to the AWS IoT web page or use AWS APIs to access data being automatically pushed to your shadows.

Updating Resources

Resources can be updated using the EdgeIQ Portal web application, or making the appropriate RESTful service calls to EdgeIQ. All elements of the configuration can be changed including the certificates, resources, and rules.

For further information on all API’s provided by EdgeIQ to manage your AWS IoT resources, see our full API Overrview.

Appendix: Base Requirements for the Gateway Device

To successfully setup and operate the EdgeIQ Edge software in conjunction with AWS Greengrass, the following requirements must be met.


An AWS IoT integration has no special requirements except that the CloudFormation template (see below) must be applied to your account.

AWS IoT + Greengrass

Greengrass V1:

  • Linux OS (kernel 3.17 or higher)
  • ARM (v6 or higher), x86, or x86_64 CPU architecture
  • 128 MB of memory
  • 128 MB of disk space

Requirements specific to the Edge + Greengrass integration:

  • unzip command line utility
  • Python 3 (to run the heartbeat lambda function)
  • systemd

These are the base requirements to run Greengrass Core, if you use additional features, please consult the detailed requirements: AWS Greengrass V1 Requirements

Additional requirements for Greengrass V2:

  • ARM (v7 or higher) or x86_64 CPU architecture
  • 256 MB disk space
  • Java Runtime (JRE) version 8 or greater (Greengrass V2 is based on Java)

If you plan on using additional features of Greengrass V2, please consult the detailed requirements: AWS Greengrass V2 Requirements