End of support notice: On October 7th, 2026, Amazon will discontinue support for Amazon IoT Greengrass Version 1. After October 7th, 2026, you will no longer be able to access the Amazon IoT Greengrass V1 resources. For more information, please visit Migrate from Amazon IoT Greengrass Version 1.
Encryption at rest
Amazon IoT Greengrass stores your data:
-
Data at rest in the Amazon Web Services Cloud. This data is encrypted.
-
Data at rest on the Greengrass core. This data is not encrypted (except local copies of your secrets).
Data at rest in the Amazon Web Services Cloud
Amazon IoT Greengrass encrypts customer data stored in the Amazon Web Services Cloud. This data is protected using Amazon KMS keys that are managed by Amazon IoT Greengrass.
Data at rest on the Greengrass core
Amazon IoT Greengrass relies on Unix file permissions and full-disk encryption (if enabled) to protect data at rest on the core. It is your responsibility to secure the file system and device.
However, Amazon IoT Greengrass does encrypt local copies of your secrets retrieved from Amazon Secrets Manager. For more information, see Secrets encryption.