Configurable endpoints - Amazon IoT Core
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Configurable endpoints

In Amazon IoT Core, you can use domain configurations to configure and manage the behaviors of your data endpoints. With domain configurations, you can generate multiple Amazon IoT Core data endpoints, customize these data endpoints with your own fully qualified domain names (FQDN) and associated server certificates, and also associate a custom authorizer. For more information, see Custom authentication and authorization.


This feature is not available in GovCloud Amazon Web Services Regions.

Domain configurations use cases

You can use domain configurations to simplify tasks such as the following.

  • Migrate devices to Amazon IoT Core.

  • Support heterogeneous device fleets by maintaining separate domain configurations for separate device types.

  • Maintain brand identity (for example, through domain name) while migrating application infrastructure to Amazon IoT Core.

Important notes for using domain configurations in Amazon IoT Core

Amazon IoT Core uses the server name indication (SNI) TLS extension to apply domain configurations. Devices must use this extension when they connect to Amazon IoT Core. They also must pass a server name that is identical to the domain name that you specify in the domain configuration. To test this service, use the v2 version of the Amazon IoT Device SDKs in GitHub.

If you create multiple data endpoints in your Amazon Web Services account, they will share Amazon IoT Core resources such as MQTT topics, device shadows, and rules.

When you provide the server certificates for Amazon IoT Core custom domain configuration, the certificates have a maximum of four domain names. For more information, see Amazon IoT Core endpoints and quotas.