AWS IoT Device Defender endpoints and quotas

The following are the service endpoints and service quotas for this service. To connect programmatically to an AWS service, you use an endpoint. In addition to the standard AWS endpoints, some AWS services offer FIPS endpoints in selected Regions. For more information, see AWS service endpoints. Service quotas, also referred to as limits, are the maximum number of service resources or operations for your AWS account. For more information, see AWS service quotas.

Service endpoints

Region Name	Region	Endpoint	Protocol
US East (Ohio)	us-east-2	iot.us-east-2.amazonaws.com	HTTPS
US East (N. Virginia)	us-east-1	iot.us-east-1.amazonaws.com	HTTPS
US West (N. California)	us-west-1	iot.us-west-1.amazonaws.com	HTTPS
US West (Oregon)	us-west-2	iot.us-west-2.amazonaws.com	HTTPS
Asia Pacific (Hong Kong)	ap-east-1	iot.ap-east-1.amazonaws.com	HTTPS
Asia Pacific (Mumbai)	ap-south-1	iot.ap-south-1.amazonaws.com	HTTPS
Asia Pacific (Seoul)	ap-northeast-2	iot.ap-northeast-2.amazonaws.com	HTTPS
Asia Pacific (Singapore)	ap-southeast-1	iot.ap-southeast-1.amazonaws.com	HTTPS
Asia Pacific (Sydney)	ap-southeast-2	iot.ap-southeast-2.amazonaws.com	HTTPS
Asia Pacific (Tokyo)	ap-northeast-1	iot.ap-northeast-1.amazonaws.com	HTTPS
Canada (Central)	ca-central-1	iot.ca-central-1.amazonaws.com	HTTPS
Europe (Frankfurt)	eu-central-1	iot.eu-central-1.amazonaws.com	HTTPS
Europe (Ireland)	eu-west-1	iot.eu-west-1.amazonaws.com	HTTPS
Europe (London)	eu-west-2	iot.eu-west-2.amazonaws.com	HTTPS
Europe (Paris)	eu-west-3	iot.eu-west-3.amazonaws.com	HTTPS
Europe (Stockholm)	eu-north-1	iot.eu-north-1.amazonaws.com	HTTPS
Middle East (Bahrain)	me-south-1	iot.me-south-1.amazonaws.com	HTTPS
Middle East (UAE)	me-central-1	iot.me-central-1.amazonaws.com	HTTPS
AWS GovCloud (US-East)	us-gov-east-1	iot.us-gov-east-1.amazonaws.com	HTTPS
AWS GovCloud (US-West)	us-gov-west-1	iot.us-gov-west-1.amazonaws.com	HTTPS

Service quotas

AWS IoT Device Defender audits limits and quotas
Limit display name	Description	Default value	Adjustable
`Scheduled audits`	The maximum number of scheduled audits.	5	No
`Simultaneous in progress on-demand audits`	The maximum number of simultaneous in progress on-demand audits.	10	No
`Storage duration for audit findings`	The maximum time, in days, that audit findings are stored after being reported.	90	No

The following service quotas apply to mitigation actions and audit mitigation action tasks:

AWS IoT Device Defender mitigation limits and quotas
Limit display name	Description	Default value	Adjustable
`Mitigation actions`	The maximum number of mitigation actions.	100	No

Audit mitigation action limits
Resource	Limit
Number of audit mitigation action tasks running at the same time	10 tasks
Retention period for audit mitigation action tasks	90 days

AWS IoT Device Defender detect limits and quotas
Limit display name	Description	Default value	Adjustable
`Behavior metric value elements for each security profile`	The maximum number of behavior metric value elements (counts, IP addresses, ports) for each security profile.	1000	No
`Behaviors for each security profile`	The maximum number of behaviors for each security profile	100	No
`Custom metrics`	The maximum number of detect custom metrics.	100	Yes
`Device metric minimum delay`	The minimum time, in seconds, that a device must wait between sending metric reports.	300 Seconds	Yes
`Device metric peak reporting rate for an account`	The maximum number of device-side metric reports that can be sent, per second, from all devices in an account.	3500	Yes
`Metric dimensions`	The maximum number of detect metric dimensions.	10	No
`Security profiles for each target`	The maximum number of security profiles for each target (things or thing groups in the AWS account).	5	No
`Storage duration for detect metrics`	The maximum time, in days, that detect metrics are stored after being ingested.	14	No
`Storage duration for detect violations`	The maximum time, in days, that detect violations are stored after being generated.	30	No

ML Detect limits
Resource	Quota	Adjustable
Number of Detect mitigation action tasks that can be running at the same time	5 maximum	Yes
Retention period for Detect mitigation action tasks	90 days maximum	Yes
Retention period for models (time after which models are expired)	30 days maximum	No

AWS IoT Device Defender API throttling limits

This table describes the maximum number of transactions per second (TPS) that can be made to each of these AWS IoT Device Defender API actions.

AWS IoT Device Defender API throttling limits
Limit display name	Description	Default value	Adjustable
`AttachSecurityProfile API TPS`	The maximum number of transactions per second (TPS) that can be made for the AttachSecurityProfile API.	10	No
`CancelAuditMitigationActionsTask API TPS`	The maximum number of transactions per second (TPS) that can be made for the CancelAuditMitigationActionsTask API.	10	No
`CancelAuditTask API TPS`	The maximum number of transactions per second (TPS) that can be made for the CancelAuditTask API.	10	No
`CancelDetectMitigationActionsTask API TPS`	The maximum number of transactions per second (TPS) that can be made for the CancelDetectMitigationActionsTask API.	10	No
`CreateAuditSuppression API TPS`	The maximum number of transactions per second (TPS) that can be made for the CreateAuditSuppression API.	10	No
`CreateCustomMetric API TPS`	The maximum number of transactions per second (TPS) that can be made for the CreateCustomMetric API.	10	No
`CreateMitigationAction API TPS`	The maximum number of transactions per second (TPS) that can be made for the CreateMitigationAction API.	10	No
`CreateScheduledAudit API TPS`	The maximum number of transactions per second (TPS) that can be made for the CreateScheduledAudit API.	5	No
`CreateSecurityProfile API TPS`	The maximum number of transactions per second (TPS) that can be made for the CreateSecurityProfile API.	10	No
`DeleteAccountAuditConfiguration API TPS`	The maximum number of transactions per second (TPS) that can be made for the DeleteAccountAuditConfiguration API.	5	No
`DeleteAuditSuppression API TPS`	The maximum number of transactions per second (TPS) that can be made for the DeleteAuditSuppression API.	10	No
`DeleteCustomMetric API TPS`	The maximum number of transactions per second (TPS) that can be made for the DeleteCustomMetric API.	10	No
`DeleteDimension API TPS`	The maximum number of transactions per second (TPS) that can be made for the DeleteDimension API.	10	No
`DeleteMitigationAction API TPS`	The maximum number of transactions per second (TPS) that can be made for the DeleteMitigationAction API.	10	No
`DeleteScheduledAudit API TPS`	The maximum number of transactions per second (TPS) that can be made for the DeleteScheduledAudit API.	5	No
`DeleteSecurityProfile API TPS`	The maximum number of transactions per second (TPS) that can be made for the DeleteSecurityProfile API.	10	No
`DescribeAccountAuditConfiguration API TPS`	The maximum number of transactions per second (TPS) that can be made for the DescribeAccountAuditConfiguration API.	5	No
`DescribeAuditFinding API TPS`	The maximum number of transactions per second (TPS) that can be made for the DescribeAuditFinding API.	25	No
`DescribeAuditMitigationActionsTask API TPS`	The maximum number of transactions per second (TPS) that can be made for the DescribeAuditMitigationActionsTask API.	25	No
`DescribeAuditSuppression API TPS`	The maximum number of transactions per second (TPS) that can be made for the DescribeAuditSuppression API.	10	No
`DescribeAuditTask API TPS`	The maximum number of transactions per second (TPS) that can be made for the DescribeAuditTask API.	25	No
`DescribeCustomMetric API TPS`	The maximum number of transactions per second (TPS) that can be made for the DescribeCustomMetric API.	25	No
`DescribeDetectMitigationActionsTask API TPS`	The maximum number of transactions per second (TPS) that can be made for the DescribeDetectMitigationActionsTask API.	10	No
`DescribeDimension API TPS`	The maximum number of transactions per second (TPS) that can be made for the DescribeDimension API.	10	No
`DescribeMitigationAction API TPS`	The maximum number of transactions per second (TPS) that can be made for the DescribeMitigationAction API.	25	No
`DescribeScheduledAudit API TPS`	The maximum number of transactions per second (TPS) that can be made for the DescribeScheduledAudit API.	5	No
`DescribeSecurityProfile API TPS`	The maximum number of transactions per second (TPS) that can be made for the DescribeSecurityProfile API.	25	No
`DetachSecurityProfile API TPS`	The maximum number of transactions per second (TPS) that can be made for the DetachSecurityProfile API.	10	No
`ListActiveViolations API TPS`	The maximum number of transactions per second (TPS) that can be made for the ListActiveViolations API.	10	No
`ListAuditFindings API TPS`	The maximum number of transactions per second (TPS) that can be made for the ListAuditFindings API.	10	No
`ListAuditMitigationActionsExecutions API TPS`	The maximum number of transactions per second (TPS) that can be made for the ListAuditMitigationActionsExecutions API.	10	No
`ListAuditMitigationActionsTasks API TPS`	The maximum number of transactions per second (TPS) that can be made for the ListAuditMitigationActionsTasks API.	10	No
`ListAuditSuppressions API TPS`	The maximum number of transactions per second (TPS) that can be made for the ListAuditSuppressions API.	10	No
`ListAuditTasks API TPS`	The maximum number of transactions per second (TPS) that can be made for the ListAuditTasks API.	10	No
`ListCustomMetrics API TPS`	The maximum number of transactions per second (TPS) that can be made for the ListCustomMetrics API.	10	No
`ListDetectMitigationActionsExecutions API TPS`	The maximum number of transactions per second (TPS) that can be made for the ListDetectMitigationActionsExecutions API.	10	No
`ListDetectMitigationActionsTasks API TPS`	The maximum number of transactions per second (TPS) that can be made for the ListDetectMitigationActionsTasks API.	10	No
`ListDimensions API TPS`	The maximum number of transactions per second (TPS) that can be made for the ListDimensions API.	10	No
`ListMetricValues API TPS`	The maximum number of transactions per second (TPS) that can be made for the ListMetricValues API.	15	Yes
`ListMitigationActions API TPS`	The maximum number of transactions per second (TPS) that can be made for the ListMitigationActions API.	10	No
`ListScheduledAudits API TPS`	The maximum number of transactions per second (TPS) that can be made for the ListScheduledAudits API.	5	No
`ListSecurityProfiles API TPS`	The maximum number of transactions per second (TPS) that can be made for the ListSecurityProfiles API.	10	No
`ListSecurityProfilesForTarget API TPS`	The maximum number of transactions per second (TPS) that can be made for the ListSecurityProfilesForTarget API.	10	No
`ListTargetsForSecurityProfile API TPS`	The maximum number of transactions per second (TPS) that can be made for the ListTargetsForSecurityProfile API.	10	No
`ListViolationEvents API TPS`	The maximum number of transactions per second (TPS) that can be made for the ListViolationEvents API.	10	No
`PutVerificationStateOnViolation API TPS`	The maximum number of transactions per second (TPS) that can be made for the PutVerificationStateOnViolation API.	10	No
`StartAuditMitigationActionsTask API TPS`	The maximum number of transactions per second (TPS) that can be made for the StartAuditMitigationActionsTask API.	10	No
`StartDetectMitigationActionsTask API TPS`	The maximum number of transactions per second (TPS) that can be made for the StartDetectMitigationActionsTask API.	10	No
`StartOnDemandAuditTask API TPS`	The maximum number of transactions per second (TPS) that can be made for the StartOnDemandAuditTask API.	10	No
`UpdateAccountAuditConfiguration API TPS`	The maximum number of transactions per second (TPS) that can be made for the UpdateAccountAuditConfiguration API.	5	No
`UpdateAuditSuppression API TPS`	The maximum number of transactions per second (TPS) that can be made for the UpdateAuditSuppression API.	10	No
`UpdateCustomMetric API TPS`	The maximum number of transactions per second (TPS) that can be made for the UpdateCustomMetric API.	10	No
`UpdateDimension API TPS`	The maximum number of transactions per second (TPS) that can be made for the UpdateDimension API.	10	No
`UpdateMitigationAction API TPS`	The maximum number of transactions per second (TPS) that can be made for the UpdateMitigationAction API.	10	No
`UpdateScheduledAudit API TPS`	The maximum number of transactions per second (TPS) that can be made for the UpdateScheduledAudit API.	5	No
`UpdateSecurityProfile API TPS`	The maximum number of transactions per second (TPS) that can be made for the UpdateSecurityProfile API.	10	No
`ValidateSecurityProfileBehaviors API TPS`	The maximum number of transactions per second (TPS) that can be made for the ValidateSecurityProfileBehaviors API.	10	No

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

AWS IoT Core

AWS IoT Device Management