HOW set AWS/Node-Red MQTT broker if "IOT thing" is connected via "password authentication" NOT private certificates?

Dear All
I have Node-RED installed into an EC2 Virtual machine with Debian in AWS.

Following this guide, I'm able to let connect my ESP32 to AWS via MQTT.

In AWS IOT console Test, I see the data of the DHT22 sensor, trasmitted by ESP32 to AWS.

So all is working good

My problem is:
How configure AWS Node-Red MQTT broker, to read the data received from device connected to AWS with the "password authentication" creaded with "AWS CloudFormation templates" instead of use the MQTT broker with "private certificates".
In fact, I have no files .certificate.pem.crt or .private.pem.key pubblic.pem.key etc. to add to MQTT BROKER Node in Node-red AWS EC2!
Moreover I dont' know if I have to install the "mosquitto" mqttt broker in Linux EC2.

Thanks in advance.