Amazon.com, Inc.
Securing connections with edge devices that are incapable of encrypted transport layer connections

Abstract:

An IoT service of a provider network may secure connections with IoT devices that are incapable of encrypted transport layer connections. The IoT service may expose a private endpoint of the IoT service into an isolated virtual network of a client. The provider network may provide a private pathway for traffic between the private endpoint and the isolated virtual network. The IoT service may receive, at the private endpoint from a remote edge device of the client, a request to connect to the IoT service. In response, the IoT network may determine that the request was received from the isolated virtual network of the client. In response to determining that he request was received from the isolated virtual network of the client, the IoT service may authenticate the private endpoint and establish a connection with the remote edge device.