
A scalable AWS IoT administration tool for importing pre-provisioned X.509 certificates to AWS IoT Core. Thingpress enables secure device onboarding by importing certificates from secure elements and trusted platform modules, while automatically creating and associating AWS IoT Things, Policies, Thing Types, and Thing Groups.


aws-iot-builder-tools/thingpress

Thingpress


Thingpress is an AWS IoT administration tool. Customers often choose to design IoT devices that have pre-provisioned x.509 certificates. Secure element and trusted platform module manufacturers inject x.509 certificates into these chips in secure manufacturing facilities. The same x.509 certificates must be registered with AWS IoT for devices to authenticate. Thingpress imports these certificates to AWS IoT in a scalable way such that you can import hundreds of thousands, if not millions, of certificates per day.

Thingpress does more than import certificates. Thingpress automatically creates an AWS IoT Thing in the AWS IoT Registry based on the certificate CN value (common practice) and attaches it to the certificate. And because devices must be authorized for actions and ideally participate in IoT fleet management, Thingpress optionally attaches AWS IoT Policy (authorization) to the certificate, Thing Type (fleet management) to the Thing, and Thing to a Thing Group (fleet management).

The objects you associate reflect application design and device lifecycle goals. There is more information in the Getting Started section to help guide you.

Thingpress supports manifests from three vendors as well as programmatically generated certificates (i.e. exported from another system). The following is the list of vendors in alphabetical order, associated pre-provisioned certificate parts, and Thingpress documentation for each vendor.

| Vendor | Components | Thingpress Documentation |
| --- | --- | --- |
| Espressif Systems | ESP32-S3 | Thingpress for Espressif |
| Infineon Technologies SA | Optiga Trust M Express | Thingpress for Infineon |
| Microchip Technology Inc. | Trust Platform, Trust&GO ATECC608, TrustFlex ATECC608 | Thingpress for Microchip |
| Generated Certificates | Programmatically generated certificates | Thingpress for Generated Certificates |

Development Roadmap

See our Development Roadmap for information about upcoming features and development priorities.

Getting started

Thingpress is a tool used for production environment preparation. Careful AWS IoT preparation can provide many benefits throughout the device lifecycle. At scale (i.e., hundreds of thousands of devices), an adjustment to object attachments (i.e., Thing Group and Thing Type) can be a daunting task. Plan well.

  1. Familiarize yourself with the following topics: x.509 client certificates, AWS IoT Core policies, AWS IoT Things (device registry), IoT Thing Types, and IoT Thing Group.
  2. Become familiar with any planning activity for your chosen vendor: Espressif, Infineon, Microchip, or Generated Certificates.
  3. Evaluate service API call limits. Although Thingpress recovers from API throttling without losing data, avoid API throttling in the first place to optimize processing time.
  4. Prepare and test artifacts to be associated with the import. Verify that the effective policy on the device is exactly what you want. Policies may be adjusted later, but testing may highlight adjustments to Thing Group hierarchies.
  5. Install Thingpress with required and vendor specific parameters. Multiple Thingpress installations may be required - for example, if you have multiple product lines, each having a different IoT Thing Type and Group.
  6. Invoke the processing by uploading the vendor supplied certificate manifest to the vendor specific S3 bucket. Typically, the batch is approximately 100,000 certificates per hour, including all requested object associations.
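
The per-certificate associations described in the overview, together with the effective-policy check from step 4, can be sketched as follows. This is an added example, not Thingpress source code: it assumes `iot` is a boto3 IoT client, that certificates are registered without a CA and activated immediately, and that the caller has already extracted the CN; the function names, the `StubIoT` stand-in and all sample values are hypothetical or constructed.

```python
# Added example, not Thingpress source. `iot` is assumed to be a boto3 IoT
# client (boto3.client("iot")); function and object names are hypothetical.

def onboard(iot, cert_pem, thing_name, policy=None, thing_type=None, thing_group=None):
    """Register one certificate, create its Thing, attach the optional objects."""
    # Assumption: register without a CA in the account and activate immediately.
    cert_arn = iot.register_certificate_without_ca(
        certificatePem=cert_pem, status="ACTIVE")["certificateArn"]
    args = {"thingName": thing_name}  # thing_name is the certificate CN
    if thing_type:
        args["thingTypeName"] = thing_type
    iot.create_thing(**args)
    iot.attach_thing_principal(thingName=thing_name, principal=cert_arn)
    if policy:
        iot.attach_policy(policyName=policy, target=cert_arn)
    if thing_group:
        iot.add_thing_to_thing_group(thingGroupName=thing_group, thingName=thing_name)
    return cert_arn

def unexpected_policies(iot, cert_arn, thing_name, expected):
    """Effective policy names not in `expected`. Policies attached to the
    Thing's groups are included, so a non-empty result means the device is
    authorized for more than was planned."""
    resp = iot.get_effective_policies(principal=cert_arn, thingName=thing_name)
    names = {p["policyName"] for p in resp.get("effectivePolicies", [])}
    return sorted(names - set(expected))

class StubIoT:
    """Constructed offline stand-in; records calls, returns canned responses."""
    def __init__(self):
        self.calls = []
    def __getattr__(self, name):
        def call(**kwargs):
            self.calls.append(name)
            return {"certificateArn": "arn:aws:iot:us-east-1:111122223333:cert/constructed",
                    "effectivePolicies": [{"policyName": "DevicePolicy"},
                                          {"policyName": "FleetWidePolicy"}]}
        return call

if __name__ == "__main__":
    iot = StubIoT()
    arn = onboard(iot, "constructed PEM text", "device-0001", policy="DevicePolicy",
                  thing_type="SensorV1", thing_group="Production")
    print(iot.calls)
    print(unexpected_policies(iot, arn, "device-0001", ["DevicePolicy"]))
```

Running the check against a test certificate before a production import surfaces policies inherited through the Thing Group hierarchy, which is where unplanned permissions usually come from.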
