AWS IoT Device Management Features

Easily Register Connected Devices in Bulk

AWS IoT Device Management helps you register new devices by using the IoT management console or API to upload templates that you populate with information like device manufacturer and serial number, X.509 identity certificates, or security policies. Then, you can configure the entire fleet of devices with this information with a few clicks in the management console.

AWS IoT Device Management - Onboard Devices

Organize Connected Devices into Groups

With AWS IoT Device Management, you can group your device fleet into a hierarchical structure based on function, security requirements, or any other category. You can group one device in a room, group devices together that operate on the same floor, or group all the devices that operate within a building. Then, you can use these groups to manage access policies, view operational metrics, or perform actions on your devices across the entire group. You can also automate organization of your devices with dynamic thing groups. Your dynamic thing groups will automatically add devices that meet your specified criteria and remove the devices that no longer match the criteria.

AWS IoT Device Management - Connected Device Groups

AWS IoT Device Management makes it easy to query a group of devices and aggregate statistics on device records based on any combination of device attribute, state and connectivity indexing so that you can better organize and understand your fleet. For example, you can search for a group of connected temperature sensors in a manufacturing facility, count the number of sensors with a specific firmware version, and find the average temperature reading for those sensors.

AWS IoT Device Management - Fleet Indexing and Search

Fine-Grained Device Logging

AWS IoT Device Management lets you collect device logs so that in the event of a problem you can query the log data to figure out what went wrong. You can configure the logs to include only the metrics that are critical to device performance so you can identify issues quickly. For example, you can include device metrics like error codes that indicate download failures or device restart counters, and quickly identify and troubleshoot issues on devices within the device group.

AWS IoT Device Management - Logging

Remotely Manage Connected Devices

AWS IoT Device Management allows you to push software and firmware to devices in the field to patch security vulnerabilities and improve device functionality. You can execute bulk updates, configure rollout schedule, control deployment velocity, set failure thresholds, and define continuous jobs to update device software automatically so they are always running the latest version. You can send actions such as device reboots or factory resets remotely to fix software issues in the device or restore the device to its original settings. You can also digitally sign files that you send to your devices, helping to ensure your devices are not compromised.

FreeRTOS over-the-air (OTA) update job allows you to use AWS IoT Device Management to schedule your FreeRTOS device software updates. You can also use the code signing feature.

You can also create an AWS IoT Greengrass Core update job for one or more AWS IoT Greengrass Core devices using AWS IoT Device Management in order to deploy security updates, bug fixes, and new AWS IoT Greengrass features to connected devices.

AWS IoT Device Management - Remote Management

Secure Tunneling

AWS IoT Device Management supports the creation of a device tunnel - a secure remote communications session to a device. This provides secure connectivity to individual devices, which you can then use to diagnose issues and act to solve in just a few clicks. You can also make multiple, concurrent client connections over a single secure tunnel, enabling you to perform more advanced device troubleshooting, such as issuing remote shell commands to a device while simultaneously debugging a web application on the same device.

With Secure Tunneling, you can rapidly build remote access solutions to connect to devices on isolated networks or behind firewalls. You can establish these trusted connections that allow you to comply with your customers’ corporate security policies, without the need to adjust inbound firewall configurations or manage proxies for each user network. This is accomplished by a mutually initiated tunnel connection between source and destination devices that is brokered through the Secure Tunneling feature in AWS IoT Device Management. These secure device connections are authenticated and encrypted using Transport Layer Security (TLS), and can be configured with a user defined timeout setting that will ensure connections close after certain period of time.

Secure Tunneling How it Works

Fleet Hub

AWS IoT Device Management includes the ability to create no-code, fully-managed web applications using Fleet Hub to visualize and interact with your device fleets connected to AWS IoT. With Fleet Hub, you can search across your large and diverse fleets and view device state and health data, in near real time—such as connection status, firmware version, country code, or battery level. You can program alarms, which are triggered by rule-based changes to device status and health metrics and customizable by each end user, to be notified of potential issues. Once alerted to an alarm, you can take built-in corrective actions, such as deploying a firmware update or rebooting a device. Fleet Hub’s seamless integration with the many AWS IoT Device Management features as well as across other AWS IoT services allows you to easily interact with your devices to do so, like pushing an OTA (“over the air”) update via Jobs or opening a Secure Tunnel to reconfigure a device. Users can access the web applications from a browser on any web-enabled desktop, tablet, or phone and sign-in with their corporate credentials through a single sign-on experience; and IT administrators can control access to operational data from devices and equipment for different end users by adding users from their corporate directory and defining permissions through AWS IAM Identity Center (successor to AWS SSO), Active Directory, and AWS Organizations.

Secure Tunneling How it Works

Learn more about AWS IoT Device Management pricing

Visit the pricing page
Ready to get started?
Sign up
Have more questions?
Contact us