Easily Register Connected Devices in Bulk
AWS IoT Device Management helps you register new devices by using the IoT management console or API to upload templates that you populate with information like device manufacturer and serial number, X.509 identity certificates, or security policies. Then, you can configure the entire fleet of devices with this information with a few clicks in the management console.
Organize Connected Devices into Groups
With AWS IoT Device Management, you can group your device fleet into a hierarchical structure based on function, security requirements, or any other category. You can group one device in a room, group devices together that operate on the same floor, or group all the devices that operate within a building. Then, you can use these groups to manage access policies, view operational metrics, or perform actions on your devices across the entire group. You can also automate organization of your devices with dynamic thing groups. Your dynamic thing groups will automatically add devices that meet your specified criteria and remove the devices that no longer match the criteria.
Fleet Indexing and Search
AWS IoT Device Management makes it easy to query a group of devices and aggregate statistics on device records based on any combination of device attribute, state and connectivity indexing so that you can better organize and understand your fleet. For example, you can search for a group of connected temperature sensors in a manufacturing facility, count the number of sensors with a specific firmware version, and find the average temperature reading for those sensors.
Fine-Grained Device Logging
AWS IoT Device Management lets you collect device logs so that in the event of a problem you can query the log data to figure out what went wrong. You can configure the logs to include only the metrics that are critical to device performance so you can identify issues quickly. For example, you can include device metrics like error codes that indicate download failures or device restart counters, and quickly identify and troubleshoot issues on devices within the device group.
Remotely Manage Connected Devices
AWS IoT Device Management allows you to push software and firmware to devices in the field to patch security vulnerabilities and improve device functionality. You can execute bulk updates, control deployment velocity, set failure thresholds, and define continuous jobs to update device software automatically so they are always running the latest version. You can send actions such as device reboots or factory resets remotely to fix software issues in the device or restore the device to its original settings. You can also digitally sign files that you send to your devices, helping to ensure your devices are not compromised.
Amazon FreeRTOS over-the-air (OTA) update job allows you to use AWS IoT Device Management to schedule your Amazon FreeRTOS device software updates. You can also use the code signing feature.
You can also create an AWS IoT Greengrass Core update job for one or more AWS IoT Greengrass Core devices using AWS IoT Device Management in order to deploy security updates, bug fixes, and new AWS IoT Greengrass features to connected devices.
AWS IoT Device Management supports the creation of a device tunnel - a secure remote communications session to a device. This provides secure connectivity to individual devices, which you can then use to diagnose issues and take action to solve them in just a few clicks. You can also rapidly build remote access solutions to connect to devices on isolated networks or behind firewalls. You can establish these trusted connections that allow you to comply with your customers’ corporate security policies, without the need to adjust firewall configurations or manage proxies for each user network. This is accomplished by a mutually initiated tunnel connection between source and destination devices that is brokered through the Secure Tunneling feature in AWS IoT Device Management. These secure device connections are authenticated and encrypted using Transport Layer Security (TLS), and can be configured with a user defined timeout setting that will ensure connections close after certain period of time.
To enable Secure Tunneling to your IoT devices, you will need to integrate two components – a device agent and a local proxy application. The device agent is used to handle the tunnel connection setup through the Secure Tunneling feature in AWS IoT Device Management. Once the secure tunnel is established, the local proxy application running on each source and destination device is responsible for orchestrating the flow of commands and data between the device and the tunnel.