Encryption in transit - Amazon IoT Greengrass

Encryption in transit

Amazon IoT Greengrass has two modes of communication where data is in transit:

Data in transit over the internet

Amazon IoT Greengrass uses Transport Layer Security (TLS) to encrypt all communication over the internet. All data sent to the Amazon Web Services Cloud is sent over a TLS connection using MQTT or HTTPS protocols, so it is secure by default. Amazon IoT Greengrass uses the Amazon IoT transport security model. For more information, see Transport security in the Amazon IoT Core Developer Guide.

Data on the core device

Amazon IoT Greengrass doesn't encrypt data exchanged locally on the Greengrass core device because the data doesn't leave the device. This includes communication between user-defined components, the Amazon IoT device SDK, and public components, such as stream manager.