IoT Core: Are device registry API call involved during device authentication?

Question

Hello,

Working on estimating costs of an IoT solution based on AWS IoT Core, I am wondering if I have to assume device registry involvement to perform device auth.

I made I device to authenticate over the MQTT endpoint using the Thing Certificate (so I did not perform device registries calls by my self). But I don't get if AWS does it "under the hood" when I authenticate a device, and then I have to account for that on my estimation.

Thanks, F.

Kidd Ip · Answer

In AWS IoT Core, device authentication doesn’t involve direct interactions with the device registry APIs. When a device connects using an X.509 certificate or other valid credentials, AWS IoT Core verifies the certificate against its linked IoT policies and AWS Certificate Manager. The device registry is simply a store for metadata and relationships such as mapping a certificate to a Thing and isn’t accessed during the authentication process. As a result, you don’t need to include registry API calls in your cost calculations for device authentication.

https://docs.aws.amazon.com/iot/latest/developerguide/thing-registry.html

https://repost.aws/articles/AR9ZN_i2oUS22ixF2-N0LFEg/how-to-maintain-upgrade-your-device-authentication-authorization-scheme-when-migrating-to-aws-iot-core

https://docs.aws.amazon.com/iot/latest/developerguide/thing-registry.html

https://repost.aws/articles/AR9ZN_i2oUS22ixF2-N0LFEg/how-to-maintain-upgrade-your-device-authentication-authorization-scheme-when-migrating-to-aws-iot-core

IoT Core: Are device registry API call involved during device authentication?

新增您的答案

相關內容