- Newest
- Most votes
- Most comments
You are correct that Things can be optional. Identity and authorization are provided by the certificate, Cognito Identity, or custom authentication, where each credential is then associated with an IAM or IoT policy that allows or rejects different IoT actions.
It is best practice to associate a Thing with a certificate. By doing so, you can enforce that the MQTT clientId provided during a connection matches a Thing name, and if using the ThingName as a policy variable that can limit a device's IoT actions publish and subscribe topics. A thing also provides metadata and the ability to use FleetHub to manage devices, ability to enable fleet indexing, and provides a data source of all devices registered with IoT Core.
Technically a thing isn't needed to utilize shadows (classic or named), but as you mentioned, this is where scoping by ThingName can be useful.
Relevant content
- Accepted Answerasked 3 years ago
- asked a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago