.. module:: default_credentials

*******************************************
Amazon Web Services IoT Default Credentials
*******************************************

The Zerynth AWS IoT Default Credentials module is useful to achieve a zero-time startup for your AWS IoT project powered by Zerynth.

It makes it really simple to load connection credentials, which could be stored on flash or in a secure element, by means of a single call to the :func:`load` function.

    
.. function:: load()

    This function returns:

        * AWS IoT endpoint for the device to connect to;
        * device Mqtt ID;
        * client certificate to be sent to AWS;
        * device private key.

    Endpoint and Mqtt ID are retrieved from the ``thing.conf.json`` configuration file which has to be put in the project and filled like this: ::

        {
            "endpoint": "myendpoint.iot.my-region.amazonaws.com",
            "mqttid": "mymqttid"
        }

    Client certificate is retrieved from ``certificate.pem.crt`` file which must be put in the project, too.
    On the other hand the private key can be retrieved from different sources depending on the presence of the ``ZERYNTH_HWCRYPTO_ATECCx08A`` define inside the Zerynth project ``project.yml`` file.

        * without ``ZERYNTH_HWCRYPTO_ATECCx08A``, the private key is taken from ``private.pem.key`` file put in the project and stored on flash (unsafe for production purposes)
        * with ``ZERYNTH_HWCRYPTO_ATECCx08A``, the private key is stored inside a secure element, returned private key is an empty string and the ``thing.conf.json`` needs extra configuration fields: ::

            {
                "crypto_drv": 0 # I2C the secure element is connected to, 0 for I2C0
                "crypto_addr": 88, # I2C address of the secure element
                "crypto_clock": 100000, # I2C clock (Hz) of the secure element 
                "crypto_slot": 2 # slot of the secure element where the private key is stored
            }