Skip to content

Configure AWS integration#

Follow this section to integrate your AWS services with Coiote IoT DM.


  • An active AWS subscription with access to IoT Core, CloudFormation, CloudWatch, Lambda and Secrets Manager in supported regions.
  • Installed AWS CLI.
  • A Coiote IoT DM user account with the awsiottenant role.


    It's recommended to create a Coiote IoT DM user account dedicated exclusively for the integration. Note that the integration will work correctly only until the user with the awsiottenant role exists in Coiote IoT DM and the AWS CloudFormation stack is appropriately configured.

Supported regions#

  • eu-central-1
  • eu-north-1
  • eu-west-1
  • eu-west-2
  • eu-west-3
  • us-east-1
  • us-east-2
  • us-west-1
  • us-west-2

If you cannot find your region, please create a GitHub issue or contact AVSystem.

Create a Coiote IoT DM REST user#

To start integrating AWS with Coiote IoT DM, you first need to create a user account that will be used to authorize and authenticate API calls from AWS in Coiote IoT DM. To do that:

  1. Go to your Coiote IoT DM account and from the Administration menu, select Users management.
  2. Select Add user and fill in the form: Add user button
    • Provide Email for new user (which will be its username) and select your domain from the Domain path drop-down list.
    • Remember to switch off the Require e-mail verification after first login and switch on Activate user account after creation toggle buttons. Add REST user 1
    • Click Next step
    • In the "Permissions" step select awsiottenant role Add REST user 2
    • Click Next step, review data and click Add user
    • Go to the User account details view
    • change a password if needed (remember to switch off Require user to change password on next login)
    • remove Accept Terms of Service from the Next login actions Add REST user 3

Set up the AWS integration#

  1. Get the AWS Data Plane Endpoint Address
    • Open your command line and run the following command:
      aws iot describe-endpoint --endpoint-type iot:Data-ATS --region <desired-region-for-the-integration>
    • Copy the returned result.
      Copy data plane endpoint address
  2. In your Coiote IoT DM user account, go to IntegrationsAWS Integration AWS Integration menu link
  3. On the AWS IoT Core tile click Connect
  4. In the dialog window, paste the previously copied AWS Data Plane Endpoint Address into the relevant field. Remember to append :8443 port to the pasted value
    AWS Integration configuration
  • After those steps in the Device groups panel a new group AWSIotCoreIntegration should be created. AWS IoT Core Group

Once the setup is completed you may add your LwM2M devices to the AWSIotCoreIntegration group to synchronize them with AWS IoT Core.

Add AWS resources using the integration repository#


To complete this step, make sure you have the appropriate AWS permissions to enter the CloudFormation service and create a stack (for details, see the AWS CloudFormation User Guide).

To add the resources needed for the integration to your AWS services:

  1. Go to the AWS Console page ( and sign in. Make sure that you are in the right region. From the list of services, select CloudFormation .
  2. Create a new stack. Use the template of Amazon S3 URL from below and change placeholders [REGION-NAME] to the one you use and is supported.
    Choose template file
  3. Choose a name for the stack and provide the parameters:


    The credentials you provide at this point should belong to the user with access to the Coiote IoT DM group which stores the AWS configuration set in a previous step.

    • coioteDMrestUsername - username of the created Coiote IoT DM account.
    • coioteDMrestPassword - password of the created Coiote IoT DM account.
    • coioteDMrestUri - URL address and port of your Coiote IoT DM installation. The port should always be 8088 to enable proper mTLS-based authentication.


      For some installations, port is not required. If you don't know what port to choose, contact our support.

      Change stack parameters

  4. Finalize configuring the stack and wait for its creation to finish.

  5. Once the stack is created successfully, the devices in your integration group will be automatically migrated to the AWS IoT Core.
  6. To check if your integration works correctly, go to AWS IoT Core, and from the menu, select Manage > Things, then see if your devices are listed as in here: Migrated things

Next steps#

To learn how to perform operations on your devices, please see the Performing LwM2M operations chapter.

Removing the integration#

To remove the integration of AWS and Coiote IoT DM, follow the following steps:

  1. In Coiote IoT DM remove all the devices from the AWSiotCoreCertAuth group.
  2. Go to the CloudFormation service in AWS and select the stack that was created while setting up the integration.
  3. Delete the stack. Delete stack
  4. Go to the S3 service in AWS and select the bucket with the lambda code files.
  5. Delete the files. Delete files

Last update: March 25, 2024