AWS IoT Things Graph security - AWS IoT Things Graph

AWS IoT Things Graph security

AWS IoT Things Graph uses X.509 certificates, managed subscriptions, AWS IoT policies, and IAM policies and roles to secure the applications that run on devices either in the cloud or in your local AWS IoT Greengrass environment. AWS IoT Things Graph uses the AWS IoT security features for cloud deployments and the AWS IoT Greengrass security features for AWS IoT Greengrass deployments.

For more information about AWS IoT security, see Security in AWS IoT in the AWS IoT Developer Guide.

For more information about AWS IoT Greengrass security, see AWS IoT Greengrass security in the AWS IoT Greengrass Developer Guide.

IAM role for flow execution in cloud deployments

Cloud deployments require you to use an IAM role to allow AWS IoT Things Graph to execute the flows in the deployments on your behalf. For more information about creating this role, see Prepare for cloud deployments.

The following diagram shows how AWS IoT Things Graph security fits within AWS IoT security.


Figure: Example graphic of how AWS IoT security works with AWS IoT Things Graph security.

IAM role for flow execution in AWS IoT Greengrass deployments

AWS IoT Greengrass deployments require you to use an IAM role to allow AWS IoT Things Graph to execute the flows in the deployments on your behalf. Your AWS IoT Greengrass service role must also have read and write permissions for Amazon S3. For more information about creating and setting up these roles, see Setting up your environment for AWS IoT Greengrass deployments.

The following diagram shows how AWS IoT Things Graph security fits within AWS IoT Greengrass security.


Figure: Example graphic of how AWS IoT security works with AWS IoT Greengrass security.
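One way to check the two role requirements described above offline, as an added example that is not from the AWS documentation: it audits a flow-execution role's trust policy and checks an AWS IoT Greengrass service role policy for Amazon S3 read and write access. The service principal name, the two S3 actions, and the sample policy documents are assumptions made for illustration.

```python
import fnmatch

# Assumption: service principal for AWS IoT Things Graph; confirm it in the
# setup guides this page links to.
EXPECTED_PRINCIPAL = "iotthingsgraph.amazonaws.com"
# Assumption: "read and write permissions for Amazon S3" means these actions.
REQUIRED_S3_ACTIONS = ("s3:GetObject", "s3:PutObject")

def _as_list(value):
    return value if isinstance(value, list) else [value]

def audit_trust_policy(policy, expected=EXPECTED_PRINCIPAL):
    """Findings for a flow-execution role's trust policy (empty list = clean)."""
    findings, trusted = [], False
    for stmt in _as_list(policy.get("Statement", [])):
        actions = _as_list(stmt.get("Action", []))
        if stmt.get("Effect") != "Allow" or "sts:AssumeRole" not in actions:
            continue
        principal = stmt.get("Principal", {})
        if principal == "*":  # bare wildcard form
            principal = {"AWS": "*"}
        for kind, values in principal.items():
            for value in _as_list(values):
                if kind == "Service" and value == expected:
                    trusted = True
                else:
                    findings.append(f"unexpected principal {kind}:{value}")
    if not trusted:
        findings.append(f"{expected} cannot assume the role")
    return findings

def missing_s3_actions(policy, required=REQUIRED_S3_ACTIONS):
    """Required S3 actions that no Allow statement grants.
    Ignores Deny statements, Resource scoping and Condition blocks."""
    granted = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") == "Allow":
            granted += _as_list(stmt.get("Action", []))
    # IAM action names are case-insensitive and may contain wildcards.
    return [a for a in required if not any(
        fnmatch.fnmatchcase(a.lower(), g.lower()) for g in granted)]

# Constructed sample documents, not taken from a real account.
GOOD_TRUST = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": "sts:AssumeRole",
    "Principal": {"Service": EXPECTED_PRINCIPAL}}]}
BROAD_TRUST = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": "sts:AssumeRole",
    "Principal": {"Service": EXPECTED_PRINCIPAL, "AWS": "*"}}]}
READ_ONLY_S3 = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": ["s3:Get*", "s3:ListBucket"],
    "Resource": "*"}]}
```

Feed it the role's trust policy and the service role's attached policy documents as parsed JSON; any non-empty result is worth reviewing before deploying flows.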