Getting started with AWS Greengrass and Raspberry Pi

NOTE: This post is originally published at

This post walks through the steps required to set up AWS Greengrass on your Raspbarry pi.

Install OS for Raspberry Pi on SD card

  1. Goto, download and install the Raspberry Pi Imager software to your local machine which will guide the installation.

  2. Once installed, open the Raspberry Pi Imager software and select the relevant OS (Raspberry Pi OS 32bit is recommended), SD Card and it will create the OS image in the SD card provided.

Once the OS is installed, you can insert the SD card to Pi and connect external keyboard and screen to it and configure wifi and ssh. Login username is pi and default password is raspberry. If you don’t have external keyboard, screen and you only want to connect to Pi via ssh, enable wifi and ssh as below.

Enable wifi

Create a file at boot directory with the name: wpa_supplicant.conf with below content. Replace country code (ex: NL, UK), wifi SSID and password with your own values.

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev

    ssid="[WIFI SSID]"

Enable SSH

To enable ssh access, create a empty file at boot directory with the name of ssh.

Once this is done, you can safely remove the SD card, insert it into Raspberry Pi and start it.

Once started, you need to know the ip of the device in order to ssh into it. For this, you may use one of IP scanner softwares where you can scan all the devices of the network. Else, you can log into your wifi (router) management ui and get the ip of the Raspberry Pi.

Once you know the ip, ssh into the Pi as ssh pi@[IP_Address] with the default password raspberry.

Install AWS Greengrass

Prepare the system

Before installing AWS IoT Greengrass Core software, there are few configurations need to be done.

  1. Add new user and group. Run below command to create user and group.

     sudo adduser --system ggc_user
     sudo addgroup --system ggc_group
  2. Enable hardlink and symlink protection To enable hard and symlik protection, add below 2 line to end of the /etc/sysctl.d/98-rpi.conf file.

     fs.protected_hardlinks = 1
     fs.protected_symlinks = 1

    Once done, reboot the Pi.

  3. Enable and mount memory cgroups Open /boot/cmdline.txt file with sudo permission and append below text to the end of the line and save the file.

      cgroup_enable=memory cgroup_memory=1

    Once done, reboot the Pi again.

  4. Dependency check To check if all the dependencies required to run AWS Greengrass core, we can download and run the Greengrass dependency checker as below:


cd greengrass-dependency-checker-GGCv1.11.x/ 
sudo modprobe configs
sudo ./check_ggc_dependencies

This will indicate whether all the system requirements are met.

Configurations on AWS console

  1. Log into AWS console and goto IoT Greengrass. (Please note, Greengrass is not available in all the regions.)

  2. Click on Create a Group > Default Group Creation and create a group providing a group name. (ex: MyRaspberryGroup)

  3. In the next step, Core name is auto filled based on your group name. Keep it as it is and move to next step.

  4. In the Review Group creation step, click on Create Group and Core. This will generate certificate and keys required for the device.

  5. Next screen, download the provided xxx-setup.tar.gz file which contains the keys and certificates generated.

Setting up the Pi

  1. Move the xxx-setup.tar.gz file downloaded into Pi by scp.

  2. Log into Pi

  3. Download the Greengrass Core software usign:wget

  4. Extract downloaded tar.gz files by: sudo tar -xzvf greengrass-linux-armv7l-1.11.0.tar.gz -C /. This will create a new greengrass directory in the root directory.

  5. Extract the xxx-setup-tar.gz files into the same greengrass directory: sudo tar -xvf xxx-setup.tar.gz -C /greengrass

  6. Go to /greengrass/config and download the root certificate as: sudo wget -O

  7. Next, go to /greengrass/ggc/core/ and run sudo ./greengrassd start. This will start the Greengrass daemon and output the process id.

Greengrass auto start on boot

In order to start Greengrass daemon when Pi reboot/start, follow the below steps.

  1. Create a file using sudo at /etc/systemd/system/greengrass.service with below content:

    Description=Greengrass Daemon
    ExecStart=/greengrass/ggc/core/greengrassd start
    ExecReload=/greengrass/ggc/core/greengrassd restart
    ExecStop=/greengrass/ggc/core/greengrassd stop
  2. Change the permission of the file to allow root to execute it.

    sudo chmod u+rwx /etc/systemd/system/greengrass.service
  3. Enable and start the greengrass.service:

    sudo systemctl enable greengrass
    sudo systemctl start greengrass
  4. Check if greengrass service is working fine (even after reboot) with ps aux | grep greengrass

Now, your raspberry pi is ready to use as an IOT device managed by AWS IOT.