Skip to main content
Open Source Embedded Hacks
AWS IoT on Raspberry Pi with 25 MB Buildroot Linux
  1. Blog/

AWS IoT on Raspberry Pi with 25 MB Buildroot Linux

·3 mins· loading · loading ·
Embedded & IoT Raspberry Pi AWS IoT Buildroot Custom Linux IoT SDK Embedded MQTT
Albert David
Author
Albert David
Electronics, IoT, and Embedded Systems
Table of Contents

Six simple steps to get an AWS IoT Device SDK demo running on a Raspberry Pi 4 — using a lightweight custom Linux image built with Buildroot (just under 25 MB).

Quick start
#

  1. Download sdcard-pi4-aws-iot-demo.img.xz (~25 MB)
  2. Write the image to an SD card using Balena Etcher
  3. Unplug and re-plug the SD card so the boot partition appears on your PC
  4. Open aws-iot-pubsub-agent.conf and set your AWS IoT endpoint
  5. Copy your AWS-generated device certificate (xyz-certificate.pem) and private key (xyz-private.pem.key) to the boot partition
  6. Insert the SD card into the Raspberry Pi 4, power on — the aws-iot-pubsub-agent will start publishing messages to your AWS IoT Core

The following image shows steps 4, 5, and 6 in detail:

SD card configuration — endpoint, certificates, and boot
Steps 4–6: configure endpoint, copy certificates, and boot the Pi.

AWS cloud preparation
#

Before booting the Pi, set up the following on console.aws.amazon.com:

  1. Create an AWS IoT account (payment details required even for the free tier)
  2. Navigate to IoT Core
  3. Go to Manage → All Devices → Things → Create Thing
  4. Download the device certificate and private key (copy these to the SD card boot partition as described in step 5 above)
  5. Go to Settings and note your Endpoint (needed for step 4 above)
  6. Go to Security → Policies and create a policy with 4 entries as shown below:
AWS IoT security policy configuration
AWS IoT security policy — required permissions for the device.

Building the image from source
#

Two commands to build the SD card image (detailed instructions in the git repository):

make -C buildroot BR2_EXTERNAL=../ BR2_DL_DIR=../../br-dl O=../../br-output raspberrypi4_aws_iot_defconfig
make -C buildroot BR2_EXTERNAL=../ BR2_DL_DIR=../../br-dl O=../../br-output

Buildroot customizations
#

Key changes in the Raspberry Pi 4 Buildroot config for this AWS demo image:

  1. Enabled Dropbear SSH for remote debugging without monitor/keyboard
  2. Added Buildroot package for aws-iot-device-sdk-cpp-v2
  3. Added Buildroot package for aws-iot-pubsub-agent
  4. Enabled chrony for time sync (required for TLS handshake)
  5. Enabled SDK dependencies (host-cmake, libcurl, openssl, util-linux)
  6. Included AmazonRootCA1.pem in /etc/
  7. Added aws-iot-pubsub-agent.conf to rootfs for the agent startup script
  8. Added /etc/init.d/S03MountBoot to mount the boot partition at /mnt/certs (contains certificates, key, and config)
  9. Included startup script for aws-iot-pubsub-agent

After booting
#

  1. Connect the Raspberry Pi 4 to a DHCP network with internet access
  2. Find the Pi on your network using hostname buildroot or its assigned IP
  3. Log in via SSH: ssh root@192.168.x.y (password: brb0x)
  4. Check the publish log: cat /tmp/aws-iot-pubsub-agent.log
  5. To modify the aws-iot-pubsub-agent code, see how to cross-compile and run on target
Note

If everything is configured correctly (SD card and AWS security policies), Hello World! messages will appear on your AWS IoT Core console:

AWS IoT Core showing Hello World messages from Raspberry Pi
AWS IoT Core — Hello World messages arriving from the Raspberry Pi 4.

github.com/hackboxguy/br-wrapper

sdcard-pi4-aws-iot-demo.img.xz

Related