Encryption at Rest - AWS IoT Things Graph

Encryption at Rest

In cloud deployments of flows, AWS IoT Things Graph protects data at rest through server-side encryption. For more information, see Data encryption in AWS IoT in the AWS IoT Developer Guide.

In AWS IoT Greengrass deployments of flows, AWS IoT Things Graph uses the encryption features of AWS IoT Greengrass. For more information, see Encryption at Rest in the AWS IoT Greengrass Developer Guide.

Additionally, when AWS IoT Things Graph installs a flow to your AWS IoT Greengrass core, it first uploads a file that contains all of the flow's dependencies to an Amazon S3 bucket. AWS IoT Things Graph uploads this file by using the HTTPS protocol, so that it's secure in transit by default. It's your responsibility to secure the Amazon S3 bucket.