From 47c997780244e2a3d46c2b4f27234e2022c8df29 Mon Sep 17 00:00:00 2001
From: divya pillai <divya.pillai@nordicsemi.no>
Date: Wed, 11 Sep 2024 15:59:06 +0200
Subject: [PATCH] doc: Updates to AWS IoT lib docs

NCSDK-28995
* Improve commands on how to install
dependencies and usage of the AWS CLI.
* Improve instructions of AWS IoT setup
for nRF70 Series

Signed-off-by: divya pillai <divya.pillai@nordicsemi.no>
---
 doc/nrf/libraries/networking/aws_iot.rst | 12 ++++++++++++
 doc/nrf/links.txt                        |  1 +
 2 files changed, 13 insertions(+)

diff --git a/doc/nrf/libraries/networking/aws_iot.rst b/doc/nrf/libraries/networking/aws_iot.rst
index 38727284df1..58271057717 100644
--- a/doc/nrf/libraries/networking/aws_iot.rst
+++ b/doc/nrf/libraries/networking/aws_iot.rst
@@ -46,6 +46,11 @@ To complete the steps described in this document, make sure that the following p
 
 * Install `AWS Command Line Interface`_ on your system and login as a user with appropriate permissions.
 * To use the ``nrfcredstore`` tool, the dependencies in the :file:`nrf/scripts/requirements-extra.txt` file must be installed.
+  Enter the following commands in a ``cmd.exe`` terminal window in the :file:`ncs` folder to install all the dependencies in the file:
+
+  .. code-block:: console
+
+     pip3 install -r nrf/scripts/requirements-extra.txt
 
 .. rst-class:: numbered-step
 
@@ -58,6 +63,8 @@ Generating and provisioning certificates
 There are multiple ways to generate and register these certificates:
 
 * The device key pair and certificate are generated by AWS and downloaded onto the device.
+* You must configure AWS with the AWS configure command to generate the key pair.
+  See `AWS CLI example`_ for the commands on AWS configuration.
 * The device generates the key pair and a Certificate Signing Request (CSR).
   This request is uploaded to AWS to obtain a device certificate and is used to generate a self-signed device certificate.
 
@@ -188,8 +195,13 @@ There are multiple ways to generate and register these certificates:
 
       #. Take note of the certificate ARN, as it will be required later.
       #. Download the `Amazon Root CA 1`_ PEM file as :file:`ca-cert.pem`.
+         You need to rename the file if it is not saved as a :file:`.pem` file.
       #. Place the PEM files into the folder path specified by the :kconfig:option:`CONFIG_MQTT_HELPER_CERTIFICATES_FOLDER` option, default is :file:`<app_src_dir>/certs/`.
          Ensure that the :kconfig:option:`CONFIG_MQTT_HELPER_PROVISION_CERTIFICATES` option is set.
+
+		   .. note::
+		      It is not necessary to set the :kconfig:option:`CONFIG_MQTT_HELPER_CERTIFICATES_FOLDER` Kconfig option if the file is placed in a folder named :file:`certs` under the application source directory.
+
       #. If the files are placed correctly, the :ref:`lib_mqtt_helper` library finds the certificates and provisions them to the Mbed TLS stack when connecting to AWS IoT.
 
 .. rst-class:: numbered-step
diff --git a/doc/nrf/links.txt b/doc/nrf/links.txt
index 5742464ac06..1949ad423a9 100644
--- a/doc/nrf/links.txt
+++ b/doc/nrf/links.txt
@@ -1114,6 +1114,7 @@
 .. _`Security best practices in AWS IoT Core`: https://docs.aws.amazon.com/iot/latest/developerguide/security-best-practices.html
 .. _`AWS IoT Core Server Authentication`: https://docs.aws.amazon.com/iot/latest/developerguide/server-authentication.html
 .. _`CA certificates for server authentication in AWS IoT Core`: https://docs.aws.amazon.com/iot/latest/developerguide/server-authentication.html#server-authentication-certs
+.. _`AWS CLI example`: https://docs.aws.amazon.com/cli/latest/reference/configure/#examples
 
 .. _`AWS IoT console`: https://console.aws.amazon.com/iot/home
 .. _`AWS S3 console`: https://console.aws.amazon.com/s3/home