Hi @isnore,
-
You will be able to sign your own requests to AWS using temporary credentials, so that you do not have to use a pre-signed URL. The process for obtaining temporary credentials is described here: https://docs.aws.amazon.com/iot/latest/developerguide/authorizing-direct-aws.html
and the signature process is described here: https://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html -
The client cert is an X.509 certificate for your device. It can be created for you by AWS IoT Core, or you will be able to upload your own as described here: https://docs.aws.amazon.com/iot/latest/developerguide/create-device-certificate.html
The string created in the signature process above can be used in your Authorization header for your request to S3, as described by this page: https://docs.aws.amazon.com/general/latest/gr/sigv4-add-signature-to-request.html. The difference between the provided upload demo and using the temporary credential workflow is that you will have to add the necessary headers, using IotHttpsClient_AddHeader after initializing the request.