Authenticating with AWS IAM to invoke AWS API

I was unsure whether to put this in Firmware or Cloud Software, but ended up deciding that this is primarily a matter of programming the device itself.

I’m working on a proof-of-concept to use Argon in the next generation of a currently-existing product. In order to pull all the threads together, however, we need to be able to invoke an AWS API that requires IAM authentication.

I’ve searched both on and off of these forums, and the only thing I have determined is that WolfSSL will be necessary. Some developers have put together WolfSSL library ports for Particle*, which is great, but I’m not sure where to go from there, and I’m not even sure that this isn’t just a red herring.

Have any developers here successfully invoked an AWS API method that requires IAM authentication? If so, do you have any advice or first steps to offer?

Thank you.

*One of the two ports that appear in the Web IDE won’t even load, and the other seems to be an early WIP. This library seems promising, but I don’t have any testimonials to go off of.

I have not yet implemented AWS API calls with IAM, but will likely need to in the future, so I’ve looked a little into it. So far I’ve just compared libraries. WolfSSL looks good, but the license cost for a commercial application is out of my range at the moment, and the open source license is not compatible with my project.

While possibly not as full-featured as WolfSSL, TlsTcpClient seems to be a good alternative with a license acceptable to me. I currently use MQTT-TLS to connect to AWS IoT Core and it’s been working very well for me. It is written by the same author, @hirotakaster. I have been hoping for him to release a library that combines both MQTT TLS and raw sockets TLS (or even better, TlsHttpClient :slight_smile:). Using the two libraries in a single project currently causes conflicts. I may look into combining them myself at some point, but for now I’m just exploring potential options.

Moving this to the General section because the Firmware topic is really for discussions of the Particle firmware itself, not user firmware.

MQTT-TLS might just work for this application. Thanks!