Edit on GitHub
Report issue
Page history

Introduction to Cloud IoT Core

Author(s): @jscud ,   Published: 2019-07-31

Google Cloud Community tutorials submitted from the community do not represent official Google Cloud product documentation.

Introduction to Cloud IoT Core

Take the interactive version of this tutorial, which runs in the Google Cloud Platform (GCP) Console:

Open in GCP Console


Cloud IoT Core is a fully managed service for connecting and managing IoT devices. This tutorial uses the gcloud command-line tool to create a Cloud IoT Core device registry, add a device, and run an MQTT sample to connect a device and publish device telemetry events.

Project setup

GCP organizes resources into projects. This allows you to collect all of the related resources for a single application in one place.

Begin by creating a new project or selecting an existing project for this tutorial.

For details, see Creating a project.

Using Cloud Shell

In this tutorial, you do all of your work in Cloud Shell, which is a built-in command-line tool for the GCP Console.

Open Cloud Shell by clicking the Activate Cloud Shell button in the navigation bar in the upper-right corner of the console.

Enable the Cloud IoT Core API

To use the Cloud IoT Core API, you must first enable it.

Use the following to enable the API:


Create your first Cloud Pub/Sub topic

A Cloud Pub/Sub topic is a named resource to which devices send messages. Create your first topic with the following command:

gcloud pubsub topics create my-topic

You will send several messages to this topic later.

Create a subscription to the device's topic

Run the following command to create a subscription, which allows you to view the messages published by your device:

gcloud pubsub subscriptions create \
    projects//subscriptions/my-subscription \

Clone the Cloud IoT Core Node.js sample files from GitHub

You use the MQTT sample to send messages to Cloud IoT Core.

Clone the sample program with the following command:

git clone https://github.com/GoogleCloudPlatform/nodejs-docs-samples.git

Grant permission to the Cloud IoT Core service account

In this section, you use a helper script to add the cloud-iot@system.gserviceaccount.com service account to the Cloud Pub/Sub topic with the Publisher role.

cd nodejs-docs-samples/iot/

Install the dependencies:

npm --prefix ./scripts install

Run the helper script:

node scripts/iam.js my-topic

The script grants permission to the Cloud IoT Core service account on the my-topic topic.

Create a device registry

A device registry contains devices and defines properties shared by all of the contained devices. Create your device registry with the following command:

gcloud iot registries create my-registry \
    --project= \
    --region=us-central1 \

Generate your signing keys

To authenticate to Cloud IoT Core, a device needs a private key and a public key. Generate your signing keys by running the following command:


This script creates RS256 and ES256 keys in PEM format, but you'll only need the RS256 keys for this tutorial. The private key must be securely stored on the device and is used to sign the authentication (JWT (JSON Web Token)). The public key is stored in the device registry.

Create a device and add it to the registry

Run the following command to create a device and add it to the registry:

gcloud iot devices create my-node-device \
    --project= \
    --region=us-central1 \
    --registry=my-registry \
    --public-key path=rsa_cert.pem,type=rs256

Connect your device and publish messages

In this section, you send messages from a virtual device to Cloud Pub/Sub.

cd mqtt_example

Install the Node.js dependencies

npm install

Connect a virtual device to Cloud IoT Core using the MQTT bridge

node cloudiot_mqtt_example_nodejs.js \
    mqttDeviceDemo \
    --cloudRegion=us-central1 \
    --projectId= \
    --registryId=my-registry \
    --deviceId=my-node-device \
    --privateKeyFile=../rsa_private.pem \
    --numMessages=25 \
    --algorithm=RS256 \

The output shows that the virtual device is publishing messages to the telemetry topic. 25 messages are published.

Pull published messages

Pull the messages published by the device with the following command:

gcloud pubsub subscriptions pull --auto-ack \

Running this command returns the messages published by the device. The messages have the following data, my-registry/my-node-device-payload-[INTEGER], a MESSAGE_ID, and an ATTRIBUTES list of information about the device. The MESSAGE_ID is a unique ID assigned by the server.

View resources in the GCP Console

This concludes the gcloud command-line tutorial, but you can also use the GCP Console to view the resources you just created.

Open the Navigation menu in the upper-left corner of the console, and then select IoT Core.

You can also use this graphical user interface to create and manage device registries and devices.


Congratulations! You just walked through the basic concepts of Cloud IoT Core using the gcloud command-line tool, and you used the GCP Console to view Cloud IoT Core resources. The next step is to create awesome applications! For more information, see the IoT Core documentation.

Here's what you can do next

View more Cloud IoT Core samples on GitHub in any of several programming languages:

Submit a tutorial

Share step-by-step guides

Submit a tutorial

Request a tutorial

Ask for community help

Submit a request

View tutorials

Search Google Cloud tutorials

View tutorials

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see our Site Policies. Java is a registered trademark of Oracle and/or its affiliates.