Internet of Things: Qwik Start

Join Sign in

Internet of Things: Qwik Start

40 minutes 1 Credit


Google Cloud selp-paced labs logo


Cloud IoT Core is a fully managed service that allows you to easily and securely connect, manage, and ingest data from millions of globally dispersed devices. Cloud IoT Core, in combination with other services on Google Cloud IoT platform, provides a complete solution for collecting, processing, analyzing, and visualizing IoT data in real time to support improved operational efficiency.

Key concepts

To understand Cloud IoT Core, you should be familiar with the following concepts:

Internet of Things (IoT)

A collective term for the physical objects that are connected to the internet and can exchange data without user involvement.


A "Thing" in the Internet of Things - a processing unit that is capable of connecting to the internet and exchanging data with the cloud. Devices are often called "smart devices" or "connected devices". They communicate two types of data: telemetry and state.


All event data (for example, measurements about the environment) sent from devices to the cloud. Telemetry data sent from a device to the cloud is called "device telemetry event" data. You can use Google Cloud Big Data Solutions to analyze telemetry data.

Device state

An arbitrary, user-defined blob of data that describes the current status of the device. Device state data can be structured or unstructured, and flows only in the device-to-cloud direction.

Device configuration

An arbitrary, user-defined blob of data used to control or change a device's state. Configuration data can be structured or unstructured, and flows only in the cloud-to-device direction.

Device registry

A container of devices with shared properties. You "register" a device with a service (like Cloud IoT Core) so that you can manage it (see the next item in this list).

Device manager

The service you use to monitor device health and activity, update device configurations, and manage credentials and authentication.


An industry-standard IoT protocol (Message Queue Telemetry Transport). MQTT is a publish/subscribe (pub/sub) messaging protocol.


The main components of Cloud IoT Core are the device manager and the protocol bridges:

  • A device manager for registering devices with the service, so you can then monitor and configure them.
  • Two protocol bridges (MQTT and HTTP) that devices can use to connect to Google Cloud.

Device telemetry data is forwarded to a Cloud Pub/Sub topic, which can then be used to trigger Cloud Functions. You can also perform streaming analysis with Cloud Dataflow or custom analysis with your own subscribers.

The following diagram summarizes the service components and the flow of data:


This hands-on lab shows you how to use Cloud Console to create a Cloud IoT Core device registry and register a device. It also shows you how to run a sample to connect a device and publish device telemetry events.

Setup and Requirements

Before you click the Start Lab button

Read these instructions. Labs are timed and you cannot pause them. The timer, which starts when you click Start Lab, shows how long Google Cloud resources will be made available to you.

This hands-on lab lets you do the lab activities yourself in a real cloud environment, not in a simulation or demo environment. It does so by giving you new, temporary credentials that you use to sign in and access Google Cloud for the duration of the lab.

To complete this lab, you need:

  • Access to a standard internet browser (Chrome browser recommended).
Note: Use an Incognito or private browser window to run this lab. This prevents any conflicts between your personal account and the Student account, which may cause extra charges incurred to your personal account.
  • Time to complete the lab---remember, once you start, you cannot pause a lab.
Note: If you already have your own personal Google Cloud account or project, do not use it for this lab to avoid extra charges to your account.

How to start your lab and sign in to the Google Cloud Console

  1. Click the Start Lab button. If you need to pay for the lab, a pop-up opens for you to select your payment method. On the left is the Lab Details panel with the following:

    • The Open Google Console button
    • Time remaining
    • The temporary credentials that you must use for this lab
    • Other information, if needed, to step through this lab
  2. Click Open Google Console. The lab spins up resources, and then opens another tab that shows the Sign in page.

    Tip: Arrange the tabs in separate windows, side-by-side.

    Note: If you see the Choose an account dialog, click Use Another Account.
  3. If necessary, copy the Username from the Lab Details panel and paste it into the Sign in dialog. Click Next.

  4. Copy the Password from the Lab Details panel and paste it into the Welcome dialog. Click Next.

    Important: You must use the credentials from the left panel. Do not use your Google Cloud Skills Boost credentials. Note: Using your own Google Cloud account for this lab may incur extra charges.
  5. Click through the subsequent pages:

    • Accept the terms and conditions.
    • Do not add recovery options or two-factor authentication (because this is a temporary account).
    • Do not sign up for free trials.

After a few moments, the Cloud Console opens in this tab.

Note: You can view the menu with a list of Google Cloud Products and Services by clicking the Navigation menu at the top-left. Navigation menu icon

Activate Cloud Shell

Cloud Shell is a virtual machine that is loaded with development tools. It offers a persistent 5GB home directory and runs on the Google Cloud. Cloud Shell provides command-line access to your Google Cloud resources.

  1. Click Activate Cloud Shell Activate Cloud Shell icon at the top of the Google Cloud console.

  2. Click Continue.

It takes a few moments to provision and connect to the environment. When you are connected, you are already authenticated, and the project is set to your PROJECT_ID. The output contains a line that declares the PROJECT_ID for this session:

Your Cloud Platform project in this session is set to YOUR_PROJECT_ID

gcloud is the command-line tool for Google Cloud. It comes pre-installed on Cloud Shell and supports tab-completion.

  1. (Optional) You can list the active account name with this command:

gcloud auth list


ACTIVE: * ACCOUNT: To set the active account, run: $ gcloud config set account `ACCOUNT`
  1. (Optional) You can list the project ID with this command:

gcloud config list project


[core] project = <project_ID>

Example output:

[core] project = qwiklabs-gcp-44776a13dea667a6 Note: For full documentation of gcloud, in Google Cloud, refer to the gcloud CLI overview guide.

Create a Pub/Sub Topic

  1. In the Cloud Console, click Navigation menu > Pub/Sub > Topics.

  2. Click + CREATE TOPIC from the top menu.

  3. Give the topic the ID cloud-builds and click CREATE TOPIC:


Create a device registry

  1. In the Cloud Console, click Navigation menu > IoT Core.


  1. Click Create Registry and set the following fields (you will need to click on the Show Advanced Options button):



Registry ID




Cloud Pub/Sub Topics

Select a Cloud Pub/Sub Topic

Select the default cloud-builds topic from the drop down.

Click Show Advanced Options

Device state topic

Leave at the default value


MQTT only

Cloud Logging


CA certificate


  1. Click Create. You should see a similar page once your registry has been successfully created:


You've just created a device registry with a Cloud Pub/Sub topic for publishing device telemetry events. In the next section you'll add a device to the registry.

Click Check my progress below to check your lab progress.

Create a device registry.

Add a device to the registry

  1. On the IoT Core page, click on Devices in the left menu, then click + Create a Device.
  2. Set the following fields (you will need to click on the COMMUNICATION, CLOUD LOGGING, AUTHENTICATION link):



Device ID


Device communication



Default value (for now)

Public Key format

Default value (for now)

Public key value

Default value (for now)

  1. Click Create.

You've just added a device to your registry. The device won't be able to connect to Google Cloud without a valid key.

Click Check my progress below to check your lab progress.

Add a device to the registry.

Add a public key to the device

For your device to transmit telemetry data through the cloud, you must add a key to the device.

  1. In Cloud Shell, run the following command to create an RS256 key:

openssl req -x509 -newkey rsa:2048 -keyout rsa_private.pem -nodes \ -out rsa_cert.pem -subj "/CN=unused"
  1. Now enter in ls in Cloud Shell. You will see the following files:

README-cloudshell.txt rsa_cert.pem rsa_private.pem

Open the rsa_cert.pem with the nano editor:

nano rsa_cert.pem
  1. Copy the contents of rsa_cert.pem to the clipboard, include -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----.

  2. Exit the editor with CTRL + X.

  3. In the Cloud Console, on the Authentication tab for the device you created, click Add public key.

  4. Enter the following values:



Input method

Enter manually

Public key format


Public key value

Paste contents of rsa_cert.pem

Public key expiration date

Default value

  1. Click Add.


An RS256_X509 key is now listed for your device.

Click Check my progress below to check your lab progress.

Add a public key to the device

Run a Node.js sample to connect a virtual device and view telemetry

  1. In Cloud Shell run the following, replacing <YOUR_PROJECT_ID> with your Qwiklabs Project ID:

export PROJECT_ID=<YOUR_PROJECT_ID> gcloud config set project $PROJECT_ID

Next, get the Cloud IoT Core Node.js samples from GitHub by cloning the full Node.js repository.

  1. Enter the following to clone the repo:

git clone
  1. Navigate to the Cloud IoT Core samples in the samples directory.

cd nodejs-iot/samples/mqtt_example

You'll complete the rest of these steps in this directory.

  1. Copy the private key to the current working directory:

cp ../../../rsa_private.pem .
  1. In the command line, install the Node.js dependencies:

npm install
  1. Run the following command to create a subscription:

gcloud pubsub subscriptions create \ projects/$PROJECT_ID/subscriptions/my-subscription \ --topic=projects/$PROJECT_ID/topics/cloud-builds

Click Check my progress below to check your lab progress.

create a subscription.
  1. Download the root certificate:

curl -O
  1. Run the following command to connect a virtual device to Cloud IoT Core using the MQTT bridge:

node cloudiot_mqtt_example_nodejs.js \ mqttDeviceDemo \ --projectId=$PROJECT_ID \ --cloudRegion=us-central1 \ --registryId=my-registry \ --deviceId=my-device \ --privateKeyFile=rsa_private.pem \ --numMessages=25 \ --algorithm=RS256 \ --serverCertFile=roots.pem \ --mqttBridgePort=443

The output shows that the sample device is publishing messages to the telemetry topic. Twenty-five messages are published.

  1. Run the following command to read the messages published to the telemetry topic:

gcloud pubsub subscriptions pull --auto-ack \ projects/$PROJECT_ID/subscriptions/my-subscription

Repeat the subscriptions pull command to view additional messages.

You created a Cloud IoT Core device registry, connected a device, and published device telemetry events.

Test your knowledge

Test your knowledge about Google cloud Platform by taking our quiz.


Baseline_Infrastructure_125.png IOT-Badge-125.png

Finish Your Quest

This self-paced lab is part of the Qwiklabs Baseline: Infrastructure and IoT in the Google Cloud. A Quest is a series of related labs that form a learning path. Completing this Quest earns you the badge above, to recognize your achievement. You can make your badge (or badges) public and link to them in your online resume or social media account. Enroll in a Quest and get immediate completion credit if you've taken this lab. See other available Qwiklabs Quests.

Take Your Next Lab

Continue your Quest with Google Cloud Pub/Sub: Qwik Start - Console, or check out these suggestions:

Next Steps /Learn More

These labs are also part of a series of labs called Qwik Starts. Qwik Starts are designed to give you a little taste of the many features available with Google Cloud. Search for "Qwik Starts" in the lab catalog to find the next lab you'd like to take!

Google Cloud training and certification

...helps you make the most of Google Cloud technologies. Our classes include technical skills and best practices to help you get up to speed quickly and continue your learning journey. We offer fundamental to advanced level training, with on-demand, live, and virtual options to suit your busy schedule. Certifications help you validate and prove your skill and expertise in Google Cloud technologies.

Manual Last Updated March 9, 2022
Lab Last Tested March 9, 2022

Copyright 2022 Google LLC All rights reserved. Google and the Google logo are trademarks of Google LLC. All other company and product names may be trademarks of the respective companies with which they are associated.