AWS IoT Device Onboarding

Open the AWS Management Console. In the navigation pane, under AWS IoT Core, select Onboard, and then select Fleet Provisioning Templates. Note: The first visit may include an introduction, where you'll navigate to Onboard Many devices/Create Templates. Select Create.

AWS IoT Device Onboarding
Procedure 1 – Create a Provisioning Template
  1. Open the AWS Management Console.
  2. In the navigation pane, under AWS IoT Core, select Onboard, and then select Fleet Provisioning Templates. Note: The first visit may include an introduction, where you'll navigate to Onboard Many devices/Create Templates.
  3. Select Create.

We're talking about provisioning devices in cloud.

If you (or your organization) are adding your own devices to your own cloud, then it's quite easy to automate. Steps 1 and 2 are the cloud-side part of provisioning - just install the required SDK-s and write a script in your favorite supported scripting language to do the dirty work. For steps 3 and 4 you just use the device's own Flash to store the device certificates. Espressif has a useful non-volatile storage system called NVS - it's fairly easy to use and supports Flash encryption (this bit could be more elegant, but it works). You can use their NVS Partition Generator to pre-create the required storage with the device's certs in it, then flash it into the device when setting it up. Device-side provisioning can be scripted together with cloud-side provisioning so you can do the whole thing in a single step. The Arduino IDE is not the tool to use, though. You just need the final program binaries, but everything else you need to create on your own.

If you're talking about a third party taking your device and provisioning it in their cloud, this is a bit more difficult (but not impossible). Presumably, they need to do steps 1 & 2 on their own and you need to give them a way to configure their AWS endpoints and certificates on the device. So you need to build some interface that allows them to do it.