Skip to content

Cloud Account

When you create a device cloud, the Builder will create the required cloud resources in an AWS account.

If you are creating a hosted device cloud, Ioto will create the cloud in an AWS account owned and operated by EmbedThis for you in a region of your chosing, close to your location.

If you are creating a dedicated device cloud, Ioto will create the cloud in your existing AWS account. It is best practice to create a dedicated AWS account for each device cloud you create and not use a pre-existing AWS account that is used for other purposes. This helps isolate problems and errors and can make issues much simpler.

Cloud Regions

The Ioto Device Cloud is created in the geographical region that you select. For efficiency, you should select a region that is closest to the majority of your devices. Another consideration is where do you want the device data to be stored.

Ioto stores device data in the region you nominate so you have total control and privacy regarding your device data. Device data goes directly from your devices to your device database in the device cloud in your region. The device data does not transit other third-parties services.

Dedicated Device Clouds

When you create a dedicated device cloud in your AWS account, the Builder and Ioto will create the following cloud resources:

  • An AWS DynamoDB database registry of your devices.
  • An AWS DynamoDB database exclusively for your device data.
  • AWS DynamoDB streams to replicate device data to and from the cloud.
  • An AWS API Gateway to authorize remote API access to device data.
  • An AWS Cognito User Pool to authenticate user access.
  • An AWS CloudFront and S3 site for the Ioto Device Manager site.
  • AWS Route53 domain for the Ioto Device Manager site.
  • AWS Lambda functions for cloud-side device management.
  • IAM Roles to restrict remote access.
  • AWS IoT Core policies and message routing rules.
  • AWS IoT Things to model your devices in the cloud.

AWS Pre-requisites

When you create an AWS account, AWS may not immediately grant you permission to create some resources that are required to support a device cloud. It is best to be proactive and immediately after creating the AWS account, ask AWS to increase the following limits:

  • Ability to create an AWS CloudFront web site
  • Ability to send emails from AWS SES

Ioto requires these abilities to complete creation of the device cloud and to create device managers. These approvals may take up to a few days.

When asking to increase your AWS SES limit, AWS will ask you several questions. The following FAQ will help you answer their form questions.

Q: Tell us how often you send email,

A: Emails will be sent by the Ioto manager when a user registers to create a new account or has account issues. The estimated rate will be per customer 1-2 times per month.

Q: How you maintain your recipient lists,

A: Customer sign up for our service and the customer gets a record in Cognito. The user list is managed in Cognito.

Q: How you manage bounces, complaints, and unsubscribe requests.

A: Customers must maintain a valid email address in their account as part of the TOS. CloudWatch metrics are used to track SES bound metrics.

Q: Provide examples of the email you plan to send so we can ensure that you are sending high-quality content.

PRODUCT NAME Welcome</h1>
Your NAME user account has been setup.

Please follow this link now and set your password:


This link will expire in 24 hours.

You recieved this message because ${email} was listed as the contact address
       when requesting the Embedthis Builder invite.