AWS IoT Greengrass Extends Functionality with Connectors to External Applications, Hardware Root of Trust Security, and Isolation Configurations

Posted on: Nov 26, 2018

AWS IoT Greengrass allows you to bring local compute, messaging, data caching, sync, and ML inference capabilities to edge devices. Starting today, you can use new features that extend the capabilities of AWS IoT Greengrass, including connectors to third-party applications and AWS services, hardware root of trust private key storage, and isolation and permission settings that increase AWS IoT Greengrass Core configuration options.

AWS IoT Greengrass Connectors now let you easily build complex workflows on AWS IoT Greengrass without having to understand device protocols, manage credentials, or interact with external APIs. Connectors let you connect to third-party applications, on-premises software, and AWS services without writing code. You can re-use common business logic from one AWS IoT Greengrass device to another through the ability to discover, import, configure, and deploy applications and services at the edge. You can also use AWS Secrets Manager at the edge to protect your keys and credentials in the cloud and at the edge. Secrets can be attached and deployed from AWS Secrets Manager to groups via the AWS IoT Greengrass console.

AWS IoT Greengrass now provides enhanced security with hardware root of trust private key storage on hardware secure elements, including Trusted Platform Modules (TPMs) and Hardware Security Modules (HSMs). Storing your private key on a hardware secure element adds hardware root of trust security to existing AWS IoT Greengrass security features, which include X.509 certificates for TLS mutual authentication and encryption of data both in transit and at rest. You can also use the hardware secure element to protect secrets that you deploy to your AWS IoT Greengrass device using AWS IoT Greengrass Secrets Manager.

You can also use new configuration options to deploy AWS IoT Greengrass to another container environment and directly access device resources such as Bluetooth Low Energy (BLE) devices or low-power edge devices like sensors. You can run AWS IoT Greengrass on devices without elevated privileges and without the AWS IoT Greengrass container, at the group level or for an individual AWS Lambda function. You can also change the user identity associated with an individual AWS Lambda function, providing more granular control over permissions.

To learn more about new AWS IoT Greengrass features, visit our website. You can also view compatible vendors through the AWS Partner Device Catalog.