A collection of configuration templates for AWS IoT (such as IoT 1-Click, Analytics, Device Advisor and Events) resources as well as security controls for monitoring and protecting AWS IoT configuration such as Config Rules, CloudWatch Alarms, EventBridge Rules, IAM policies, and more.

IoT
AWS IoT Greengrass Group

This template creates a group version with a core, device, function, logger, subscription, and resources. It includes parameters to specify the certificate ARNs for the core and device, as well as the ARN of the source Lambda function. The template uses intrinsic functions like Ref and GetAtt to reference IDs, ARNs, and other attributes required to create Greengrass resources.

CloudFormation | Terraform
AWS IoT Thing Principal Attachment

This template attaches a principal to an IoT thing.

CloudFormation | Terraform
AWS IoT Topic Rule

This template creates an AWS IoT topic rule. The rule is disabled and it selects temperature data from a specific topic where the temperature is greater than 60. The action is to store the data in an S3 bucket with a specific key.

CloudFormation | Terraform
AWS IoT Policy

This template creates an AWS IoT policy that grants permission to connect to AWS IoT with a specific client ID. The policy allows the 'iot:Connect' action on the specified resource.

CloudFormation | Terraform
AWS IoT Policy Principal Attachment

This CloudFormation template attaches a policy to a principal in AWS IoT, allowing the principal to access and perform actions on IoT resources.

CloudFormation | Terraform
AWS IoT Scheduled Audit

This template creates an AWS IoT scheduled audit. The audit runs weekly, every Monday. All audit checks are enabled, including checks for authenticated Cognito roles, expiring CA certificates, key quality of CA certificates, conflicting client IDs, expiring device certificates, key quality of device certificates, shared device certificates, overly permissive IoT policies, IoT role aliases allowing access to unused services, overly permissive IoT role aliases, disabled logging, revoked CA certificates still active, revoked device certificates still active, and overly permissive unauthenticated Cognito roles.

CloudFormation | Terraform
AWS IoT Security Profile

This template creates an AWS IoT Security Profile. The Security Profile contains expected behaviors for connected devices and is associated with a specific set of target ARNs. It also includes additional metrics to retain, alert targets, and behaviors with their respective criteria. The Security Profile is tagged with an application name.

CloudFormation | Terraform
AWS IoT Thing

This template creates an AWS IoT Thing with customizable attributes.

CloudFormation | Terraform
AWS IoT Account Audit Configuration

This template creates an AWS IoT Account Audit Configuration. It includes configurations for various audit checks such as Authenticated Cognito Role Overly Permissive Check, CA Certificate Expiring Check, Device Certificate Key Quality Check, and more.

CloudFormation | Terraform
AWS IoT Custom Metric

This template creates an IoT custom metric for tracking the remaining battery percentage.

CloudFormation | Terraform
AWS IoT Dimension

This CloudFormation template creates an IoT dimension for filtering authentication messages from IoT devices in a Smart Home application.

CloudFormation | Terraform
AWS IoT Mitigation Action

This template creates an IoT mitigation action that publishes findings to an SNS topic. It also creates an SNS topic and a subscription to an email endpoint.

CloudFormation | Terraform