Abusing AWS IOT Gateway to create a serverless chat system
Switch branches/tags
Nothing to show
Clone or download
Latest commit 9a93549 Feb 15, 2017
Failed to load latest commit information.
src reply from server Feb 15, 2017
.eslintrc.json initial commit and refactor Feb 14, 2017
.gitignore cleanup old code Feb 15, 2017
README.md reply from server Feb 15, 2017
package.json bootstrap styling Feb 15, 2017
webpack.config.js bootstrap styling Feb 15, 2017


Serverless chat

This is an example project showing how to abuse AWS IOT Gateway to create a massively-scalable online chat system using a static HTML page.

IOT Gateway supports websockets, which can be used to connect browsers directly to a message queue, and send/receive messages connected to hierarchical topics. In this case, we're allowing anonymous users to subscribe to any topic starting with /chat/ (check the unauthenticated policy for more information. The security is enforced using normal AWS IAM policies, and provided through AWS Cognito authentication, which allows us to assign IAM policies to unauthenticated users.

The result is that chat allows anonymous users to access exchange messages through hierarchical chat topics, without any active server components we need to maintain.


Find your aws gateway name:

aws iot describe-endpoint --query endpointAddress --output text

Create a Cognito Identity Pool for Federated Identities (not a Cognito User Pool).

For unauthenticated access, do the following when creating the identity pool:

  • enable access to unauthenticated identities
  • no need to attach authentication providers
  • on 'Your Cognito identities require access to your resources' screen open up the 'Show details' dropdown and adjust role names if you want
  • go to IAM, then add the unauthenticated policy to your unauthenticated access role


  1. create ./env/<ENV NAME>.json for your environment, with
  "iotGatewayName": "<YOUR IOT GATEWAY NAME>",
  "cognitoIdentityPoolId": "<YOUR COGNITO IDENTITY POOL ID>"

Building for development usagw

  1. create dev.json in ./env as described in the Configuring section
  2. npm run rebuild
  3. npm run serve-dev

Building for production usage

  1. create production.json in ./env
  2. npm run rebuild --serverless-chat:buildenv=production
  3. upload the site folder somewhere

Posting an update directly to the gateway

Check out the src/util/post-message.js to see how you can also post messages directly to chat channels (eg a system notification, or replying to messages from a Lambda function.


  1. Add sender info
  2. authenticated access
  3. automated config
  4. Connection keep-alive/reconnect

More info