AWS Part 1 - Setting up AWS IoT
This section details the step-by-step procedure to create a Policy and a Thing in AWS IoT Console.
Creating a Policy in AWS IoT Console
Create an AWS IoT policy that allows your device to connect and send messages to AWS IoT.
To create a policy in AWS:
- In the AWS IoT console, expand Secure, and then click Policies.
- If a You don't have any policies yet dialog box appears, choose Create a policy. Otherwise, choose Create.
- Enter a name for the AWS IoT policy (for example, NewPolicy).
- Click Advanced mode and replace the existing policy with the following JSON. Replace <region> and <account> with your AWS Region and AWS account number. The thing name (NewThing) and topic (TestTopic) must exactly match the names of the thing and topic you will create in the following sections.
  {
    "Version": "2012-10-17",
    "Statement": [
      {
        "Effect": "Allow",
        "Action": "iot:Connect",
        "Resource": "arn:aws:iot:<region>:<account>:client/NewThing"
      },
      {
        "Effect": "Allow",
        "Action": "iot:Publish",
        "Resource": "arn:aws:iot:<region>:<account>:topic/TestTopic"
      },
      {
        "Effect": "Allow",
        "Action": "iot:Subscribe",
        "Resource": "arn:aws:iot:<region>:<account>:topicfilter/TestTopic"
      },
      {
        "Effect": "Allow",
        "Action": "iot:Receive",
        "Resource": "arn:aws:iot:<region>:<account>:topic/TestTopic"
      }
    ]
  }
- Click Create
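The policy above allows four actions on exactly one client ID and one topic. The following added example (not part of the original guide, and a simplified model of policy matching rather than AWS's own evaluation engine) reports which MQTT operations a device would be allowed for a given client ID and topic, which shows why the names must match exactly. The region and account values and all function names are constructed for illustration.

```python
import json
from fnmatch import fnmatchcase

# Constructed placeholder values standing in for <region> and <account>.
ARN = "arn:aws:iot:us-east-1:123456789012:"

def build_policy(thing="NewThing", topic="TestTopic"):
    """The four-statement policy from this page, with the placeholders filled in."""
    grants = [("iot:Connect", f"client/{thing}"), ("iot:Publish", f"topic/{topic}"),
              ("iot:Subscribe", f"topicfilter/{topic}"), ("iot:Receive", f"topic/{topic}")]
    return {"Version": "2012-10-17",
            "Statement": [{"Effect": "Allow", "Action": a, "Resource": ARN + r}
                          for a, r in grants]}

def as_list(value):
    return value if isinstance(value, list) else [value]

def is_allowed(policy, action, resource):
    """Simplified model: explicit Deny wins, else any matching Allow.
    Matching is case-sensitive; fnmatch approximates the '*' and '?' wildcards."""
    allowed = False
    for st in policy["Statement"]:
        hit = (any(fnmatchcase(action, a) for a in as_list(st["Action"]))
               and any(fnmatchcase(resource, r) for r in as_list(st["Resource"])))
        if hit and st["Effect"] == "Deny":
            return False
        allowed = allowed or (hit and st["Effect"] == "Allow")
    return allowed

def device_session(policy, client_id, topic):
    """Per-action result for a device that connects, publishes, subscribes and receives."""
    need = {"iot:Connect": f"client/{client_id}", "iot:Publish": f"topic/{topic}",
            "iot:Subscribe": f"topicfilter/{topic}", "iot:Receive": f"topic/{topic}"}
    return {act: is_allowed(policy, act, ARN + res) for act, res in need.items()}

def wildcard_grants(policy):
    """Allow statements whose action or resource contains '*' (broader than one thing/topic)."""
    return [(st["Action"], st["Resource"]) for st in policy["Statement"]
            if st["Effect"] == "Allow"
            and any("*" in x for x in as_list(st["Action"]) + as_list(st["Resource"]))]

if __name__ == "__main__":
    policy = build_policy()
    for client_id, topic in [("NewThing", "TestTopic"), ("newthing", "TestTopic"),
                             ("NewThing", "TestTopic/extra")]:
        print(client_id, topic, json.dumps(device_session(policy, client_id, topic)))
    print("wildcard grants:", wildcard_grants(policy))
```

A client ID or topic that differs from the policy in case or in any path segment is denied for the affected actions, and a policy written with "*" resources would show up in wildcard_grants.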
Creating a Thing in AWS IoT Console
AWS uses Things to represent devices. Each thing corresponds to a device that pushes data to the cloud. In this step-by-step guide you will create a Thing that connects to deviceWISE. After connecting to deviceWISE, you will be able to publish and subscribe to the topics.
- Log in to the AWS IoT console, search for IoT Core, and press Enter.
- In the IoT Core service, click Manage.
- Click Things.
- If a You don't have any things yet dialog box is displayed, you need to register your thing: click Register a thing. Otherwise, choose Create.
- Click Create a single thing.
  The Add your device to the thing registry page appears.
- On the Add your device to the thing registry page, enter a name for your IoT thing (for example, NewThing), and then choose Next. You will not be able to change the name of a thing after you create it. To change a thing's name, you must create a new thing, give it the new name, and then delete the old thing.
  The Add a certificate for your thing page appears, which allows you to configure the thing's security settings.
- On the Add a certificate for your thing page, choose Create certificate.
  A page confirming that the certificates are created appears.
- Click the following three Download links to download the:
  - certificate
  - private key
  - root CA certificate (Download Amazon Root CA 1, copy and paste it into Notepad, and save the certificate as a .pem file, for example AWSRoot.pem).
  When performing this step, take very careful note of where the certificate and key files are saved. If you lose them, you will have to create and attach a new certificate or delete this thing and start again. Your browser will typically save them to its Downloads folder, but you may want to move them to a more secure location.
- Click Activate to activate the certificate.
  A Success message appears confirming the successful activation of the certificate.
- After downloading the certificates, you have to attach a policy to the certificate. To attach a policy to the newly created certificate, click Attach a policy.
  The Add a policy for your thing page appears.
- Select the policy you already created (NewPolicy) and click Register Thing.
You have now successfully created a thing called NewThing to which you will be publishing data. The thing has a certificate and a private key to identify it, and you will upload these files to deviceWISE. The thing's certificate has been assigned a policy that tells AWS which actions the thing is allowed to perform. You have also downloaded a root certificate that will authenticate the Amazon server to the deviceWISE node.