- 新しい順
- 投票が多い順
- コメントが多い順
It is best practice to have unique credentials for each device, meaning that you SHOULD use unique certificates for each ESP32. These certificates can be embedded in software or in HW security modules (such as ATECC608). These modules can also be purchased with preconfigured credentials that can be pre-registered in AWS IoT Core (see https://www.microchip.com/en-us/products/security/trust-platform). You can then leverage a JITP flow to activate the device and create the cloud resources (such as Thing, ThingGroups, Policies) automatically.
An alternative solution is to use a certificate vending machine that sends the device the unique certificate at onboarding time. One such solution which is tailored for embedded devices is IoT Provisioning Secrets Free. You can find additional solutions in the whitepaper listed below.
You can leverage AWS IoT Policiy variables to create scalable policies. You can read more at https://docs.aws.amazon.com/iot/latest/developerguide/iot-policy-variables.html
Check also out this whitepaper for more information on the different options for creating a secure provisioning solution your IoT products: https://docs.aws.amazon.com/whitepapers/latest/device-manufacturing-provisioning/device-manufacturing-provisioning.html
Thanks for the help. However it would be very helpful if I get some more in depth help regarding this. I am very much new to it.
関連するコンテンツ
- AWS公式更新しました 10ヶ月前
- AWS公式更新しました 1年前
- AWS公式更新しました 1年前