Automating your firmware upload, device-cloud configuration and monitoring for the IoT world

Designing a ‘smart’ product should also include the vision of fast firmware uploading, configuring device with the cloud securely and automation to meet demands and keep important data pouring seamlessly into the cloud. Here’s how you can do it.

We have learned through multiple iterative development cycles, that one of the most important qualities for a product is scalability and as for a designer, envisioning the product a couple of months or years down the road depending on their predicted growth is of paramount importance. To be confident in your product, you will surely have to think about building it towards the impact you want it to create, and do so right from the start. Failure to do this could impact sales, quality and in many cases, failure of a product that was otherwise splendid!

One of the things that needs due consideration is flashing the devices with firmware during manufacturing. Now that you did everything right, and you’re shipping thousands of units every day, to make this manufacturing process significantly more efficient, saving time and effort becomes a key ingredient to higher sales and hence contributing to even higher success of the product. That is why this particular time, I will talk about automating flashing/burning firmware into your products while saving time and effort with an example on the colossal ESP32.

Espressif has given us the esptool utility to take care of multiple such needs required in order to scale our manufacturing. It is a python-based, open-source utility that can be used to communicate with the ESP32 bootloader. For details, visit esptool repo.

Need for a unique identifier while flashing firmware #

We know that when deploying a fleet of multiple devices, naming of these devices is of essence for various obvious reasons:

  • Identification
  • Grouping
  • Analysis, etc.

More often than not, we might find ourselves in a need to use these identifiers before the devices are deployed to the “field”. For ESP32s, we use the unique 12-digit default MAC address as device_id/thing_name of the device for:

  • Registering them on the cloud
  • Adding/embedding certificates and keys for security

What are IoT devices incomplete without? Yep, data collection. Where do you send this data? To your data observers on the internet. How do our data observers know what data comes from which device? You guessed it! The devices need to be pre-registered. One more vitally important reason to pre-register these devices is security and verification. How do you stop an unknown device from sniffing your data? By restricting the connectivity to a group of pre-registered devices. Okay, lets slow down and see what I’m talking about in a little more details.

Let’s look at an example scenario using AWS IoT Core since AWS accounted for a third of $42 billion cloud market in Q1 2021. Here’s a quick get-started with AWS IoT Core for you:

  1. Register each device as a unique “thing” on AWS IoT Core server
  2. Create and attach a certificate to the thing you just created
  3. Download the device certificate, private key and public key. Use them in your device to successfully verify your device to the AWS IoT server.
  4. Connect to AWS IoT from your device and start pushing data into the cloud!

For more details on this, please visit

This can be done in two ways:

  1. AWS IoT Core console
  2. AWS CLI Tool
  3. One of several SDKs available.

We want to bring to you two ways of getting data into the AWS cloud:

The Prepare Script #

The prepare script is a tool that automates the creating and flashing of devices making them ready-to-deploy with just one command, saving time in abundance. It does the following:

  1. Use esptool to get the default MAC address of the device.
  2. Creates an AWS policy if it does not already exist. To learn about policies in AWS, visit here.
  3. Create keys(private and public) and the certificate for the device and saves them as files.
  4. Attach the existing/created policy in step 2 to the certificate.
  5. Create a new thing with the MAC address obtained in step1 as thing name.
  6. Copy/embed the downloaded certificate and keys files into the necessary folder.

How to use #

  • You will need AWS configured in your device in order to automatically access your AWS and do the various steps above. If you haven’t already:
    • Install the python AWS CLI on your machine $ pip3 install awscli
    • Once done, run the command below to configure your AWS security credentials by providing the respective values: ““ $ aws configure
    AWS Access Key ID [None]: AWS Secret Access Key [None]: Default region name [None]: Default output format [None]: ““For more details on AWS access keys :
    For more details on AWS CLI:
  • You will need esptool and boto3 installed. Just run:$ pip3 install -r requirements.txt
  • Make sure you have configured the AWS variables in
  • Put your code project into a directory named source. This can be changed in the script.
  • Connect your ESP32This script is designed to be used for production firmware. Therefore, at every run, it stashes and pulls from the remote git repo. Please move ahead accordingly.
  • The AWS certificates will be stored in a folder named aws_credentials directory according to the current setup. You can change this in the file. Make sure the directory exists before you run the script.
  • Run in your project folder.


  • If the project is not a git repository, comment lines 9 and 10 in
  • Make sure the file has executable permission:$ sudo chmod +x

Now that we have looked at the command line tool at a lower level, it is completely fair for most people to say that they would rather want to focus on other things and wish they had an even higher level of automated tool which takes care of all of the above. It is time that we present to you a product that makes all of the above even simpler.

Introducing Bodh #

Meet your IoT Concierge! Most companies get too little from their IoT deployments, after spending too long & too much. Don’t become one of them.

Bodh takes you from signing up to insights in LITERALLY two minutes. Without compromising on security, robustness or scale. No more hassles, only bedazzles! Take a look at the get-started video on to spend two precious minutes of your time on how to get started with a cloud connected device and then take another two minutes to actually get your device sending data into the dashboard!


Bodh at
Get the CLI tool at
Documentation at

Write to us at:

For any questions on bodh:
For any other general questions:

For Bodh and Prepare Script, we have SAP and Azure integrations coming soon!

Scroll to Top