The AWS re:Invent event recently took place in Las Vegas and as part of the pre-event announcements, Amazon shared eight new features available within their Internet of Things (IoT) platform. These new features include: secure tunneling, configurable endpoints, custom domains for configurable endpoints, enhanced custom authorizers, fleet provisioning, Alexa Voice Services (AVS) integration, container support for AWS IoT Greengrass and Stream Manager for AWS IoT Greengrass.
Secure Tunneling provides a secure channel between devices, even if the devices are on a low-level operational network, by setting up a secure tunnel on port 443 that uses TLS 1.2 encryption. A local proxy will then move commands and data across the tunnel. Jeff Barr, chief evangelist at AWS, explains why this is an important feature:
This feature addresses a very common customer request: the need to access, troubleshoot, and fix IoT devices that are behind a restrictive firewall. This feature is of special relevance to medical devices, utility meters, and specialized hardware with an IoT aspect.
Custom Domains for Configurable Endpoints provide the ability to create custom AWS IoT Core endpoints with their own DNS CNAME and server certificate. The benefit is the ability to "brand" an identity and provide fully qualified domain names that allow organizations to manage their own root certificate authority.
For organizations looking to implement their own identity and access management solution, they can take advantage of Enhanced Custom Authorizers to authenticate and authorize traffic to and from IoT Devices. This feature works with all protocols supported by AWS IoT Core. An example of how this can be used is authenticating and authorizing MQTT connections by passing a simplified token over HTTP and WebSocket (WSS) connections.
Alexa Voice Service (AVS) integration reduces the costs associated with building Alexa built-in devices due to offloading some of the compute needs to the cloud. Using AVS allows devices with a smaller footprint to be integrated with Alexa, including devices with less than 1Mb of RAM and ARM Cortex M class microcontrollers. Faye Ellis, a senior technical instructor at A Cloud Guru, further explains:
Alexa voice capability can now be produced on any type of connected device and the associated workload will be offloaded to the cloud which in turn reduces the cost of producing Alexa built-in devices by up to 50%.
Managing IoT devices can be a challenging endeavor for organizations. Fleet Provisioning addresses these needs by allowing large fleets of devices to be deployed to AWS IoT Core. Using this feature will allow generic devices to be uniquely configured when a device makes its initial connection to AWS IoT Core.
Configurable Endpoints enable organizations to control their AWS IoT Endpoints through customizations like domain and authentication mechanisms. Barr explains the importance of this feature as:
This allows you to migrate to AWS IoT while keeping your existing endpoints (perhaps hardwired into devices already out in the field) unchanged and maintaining backwards compatibility with hard-to-update devices in the field.
In addition to these features, Amazon has also made additional investments in the area of AWS IoT Greengrass, a local compute, messaging and data management platform. The additional investments include Container Support for AWS IoT Greengrass, which allows Docker containers and applications to be deployed, run and managed. In addition, Stream Manager for AWS IoT Greengrass allows for streaming applications to be built that collect, process and export streams of data from IoT devices and then routes them to Amazon Kinesis Data Streams.