To improve operational efficiency, use Amazon CloudWatch for monitoring, and enable logging to CloudWatch for each AWS Service. You can configure logging for all of AWS IoT Core or only specific groups. For API Gateway, you can enable API logging to CloudWatch. To identify queries that may need tuning, you can use Amazon DocumentDB Performance insights or use Amazon DocumentDB profiler to define a slow query and log its execution details to CloudWatch logs. 

Read the Operational Excellence whitepaper

AWS IoT Core provides fine-grained access controls for managing topic permissions. Every device or sensor needs a credential to interact with AWS IoT, and all traffic to and from AWS IoT is encrypted via Transport Layer Security (TLS). Use AWS Identity and Access Management (IAM) roles to provide only the needed permissions to Lambda to access Amazon MSK and API Gateway. Amazon DocumentDB allows for encryption at rest, as well as TLS for data in transit. To further protect resources in production, use Amazon Cognito to protect the API Gateway for public user authentication and authorization.

Read the Security whitepaper

Serverless technologies implemented in this Guidance are highly available and scalable depending on traffic. Amazon DocumentDB is a fully managed document database service that is deployed as a highly available 3 node cluster spanning across three Availability Zones and allows you to scale vertically and horizontally. Backup in Amazon DocumentDB is enabled by default and cannot be disabled, and the database can be restored to any second during the retention period, up to the last five minutes. 

Read the Reliability whitepaper

This Guidance comprises managed services, integrated monitoring, alerting, reporting, and event-driven workloads. The services selected for this Guidance have high availability, resiliency, efficiency, and remove undifferentiated heavy lifting. Amazon DocumentDB allows for flexibility within document storage due to the expected changes in IoT hardware, sensors, and schemas that are common within agricultural implementations of IoT. 

Read the Performance Efficiency whitepaper

To avoid over provisioning of resources, this Guidance incorporates serverless technologies for on-demand data ingestion, processing storage, and to optimize costs through pay-as-you-go pricing. With Amazon DocumentDB, you only pay for the capacity you use for storage and backup; it offers per second billing for compute with no extra cost for encryption and monitoring. As Amazon DocumentDB supports flexible data model (also called 'schemaless'), it reduces engineering effort required to support new IoT devices. New IoT device models often bring varying sensor values and can require changes to schemas.

Read the Cost Optimization whitepaper

The serverless services used in this Guidance ensure that just the right amount of resources are utilized to handle the workload. And the use of managed services (such as Amazon DocumentDB) are aimed at reducing carbon footprint using AWS Graviton Processors compared to the footprint of continually operating on-premises servers. The scaling features of Amazon DocumentDB allows for scaling vertically and horizontally to reduce unnecessary resources. 

Read the Sustainability whitepaper