I work with IoT and usually, secure authentication for IoT devices is kinda hard. AWS describes mechanism how to obtain credentials using AWS IoT Core credentials provider, however, there are no "ready-to-use" library or package and you suppose to add it yourself and include into firmware or middleware.

My tool uses device certificates to authenticate with AWS and obtain temporary credentials that can be used to call other AWS services. Credentials then formatted to proper output in order to integrate with AWS SDKs. Also some caching mechanism implemented not to call AWS every time.

Feel free to suggest features/changes or code improvements!