Need help with aws-mqtt-websockets?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

209 Stars 63 Forks GNU Lesser General Public License v3.0 64 Commits 24 Opened issues


Implementation of a middleware to use AWS MQTT service through websockets, aiming the ESP8266 plataform

Services available


Need anything else?

Contributors list


Implementation of a middleware to use AWS MQTT service through websockets. Aiming the esp8266 platform


  • 1.3.0 - update lib and pubsubclient example to use the newest versions of arduino/esp (2.7.3), arduinoWebSocket (2.2.0) and pubsubclient (2.8.0) - now you need to use a certificate to connect to AWS - you can use the one in the pubsubclient example that expires in 2037
  • 1.2.0 - using pubsubclient there isn't the "many reconnection issue" (see pubsubclient example to migrate from paho) - get time from - tested with arduinoWebSockets v.2.1.0, arduino/esp sdk 2.4.1 and pubsubclient version v2.6.0
  • 1.1.0 - can use AWS STS temporary credentials - change some dynamic to static memory allocation to avoid memory fragmentation
  • 1.0.1 - works with arduinoWebSockets v.2.0.5 and arduino/esp sdk 2.3.0
  • 1.0.alpha - stable - works with arduinoWebSockets v.2.0.2 and arduino/esp sdk 2.1.0
  • 0.3 - own impl of circular buffer
  • 0.2 - auto reconnection
  • 0.1 - has known limitation and it was not extensively tested


As we cannot use AWS MQTT service directly because of the lack of support for TLS 1.2*, we need to use the websocket communication as a transport layer for MQTT through SSL (supported by esp8266)

This way we can change the state of your esp8266 devices in realtime, without using the AWS Restful API and busy-waiting inefficient approach.

  • now you can use TLS 1.2 and use the certificates generated by amazon. Here is it an example if you wanna try


if you fell like thank me, you can buy me a coffe (or a beer) cheers!


| Library | Link | Use | |---------------------------|-----------------------------------------------------------------|---------------------| |aws-sdk-arduino | |aws signing functions| |arduinoWebSockets | |websocket comm impl |

Works with these MQTT clients - Use one or another - see examples

| Library | Link | Use | |-------------------------------|-----------------------------------------------------------------|---------------------| |PubSubClient (recommended) | |mqtt comm impl | |Paho MQTT for Arduino | |mqtt comm impl |


  1. Configure your arduino ide to compile and upload programs to ESP8266 (Arduino core for ESP8266 - details )**
  2. Install all the dependencies as Arduino Libraries
  3. Install aws-mqtt-websockets as Arduino Library as well
  4. Configure the example file with your AWS credencials and endpoints (remember to grant iot permissions for your user)
  5. Compile, upload and run!

** The library was tested with 2.7.3 version of Arduino core for ESP8266


It is transparent. It is the same as the usage of Paho. There is just some changes in the connection step. See the example for details. Things you should edit in the example: * ssid and password to connect to wifi * domain/endpoint for your aws iot service * region of your aws iot service * aws user key ** * aws user secret key

** It is a good practice creating a new user (and grant just iot services permission). Avoid use the key/secret key of your main aws console user

 //AWS IOT config, change these:
char wifi_ssid[]       = "your-ssid";
char wifi_password[]   = "your-password";
char aws_endpoint[]    = "";
char aws_key[]         = "your-iam-key";
char aws_secret[]      = "your-iam-secret-key";
char aws_region[]      = "eu-west-1";
const char* aws_topic  = "$aws/things/your-device/shadow/update";
int port = 443;

//MQTT config const int maxMQTTpackageSize = 128; const int maxMQTTMessageHandlers = 1;

## Grant IoT Permission in AWS Console

  • Go to
  • Then click IAM
  • Then click policy. find your policy or create a new policy
  • set service to IOT
  • set action to iot:*
  • set resouce to all resources

## AWS STS Temporary Credential

To avoid having a long term credential hardcoded in our device, you can create temporary credentials that will last up to 36 hours using the AWS STS service (learn more here

Using STS you will get a AWS key, AWS secret and AWS token. To inform the AWS token, use the following method

 //it is just an example. As the credential last up to 36 hours, you will need to get temporary credential every 36 hours
 //you won't use it hard coded
 char token[] = 'FQoDYXdzEHgaDN7ZQSxqszH+LgBTXCKsAeU5dsW/g3BK01wyYoBk0vnCfz+D19w2kslSC5drDXyN9Nxx14WcgrOOWNxHsLRDPkcrYhw6DIkW1Nvv1mKu3i86riq19qhBose7v1XngRLBQwgfU/HnlIzJegNEEGgeMAkX0ErF77WfV2pxCzF6ZMRv7kn+a6yE2LURLg/M8eq3lYoyQcJFq55JfVPVUIpx/avEsjgCR/MvlHXlhtJqviClB3mRlvwBcz4vpq4ogpKnzAU=';
 awsWSclient.setAWSToken (token);

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.