
Cloud platform policy management

The cloud platform policy in DigiCert® Device Trust Manager defines the configuration required to automatically onboard and offboard devices to and from the OEM's preferred IoT platform, such as Azure Event Grid, AWS IoT, or Cumulocity IoT.

OEMs often leverage public IoT platforms not only for device connectivity but also for hosting microservices, managing telemetry, and operating cloud-native infrastructure, such as databases and Kubernetes workloads. These platforms form the backbone of the OEM’s connected product ecosystem.

The cloud platform policy ensures that:

  • Devices provisioned through Device Trust Manager are automatically registered with the target IoT platform.

  • Devices can seamlessly authenticate and connect to the IoT platform endpoint.

  • Devices are automatically offboarded from the IoT platform when deleted in Device Trust Manager.

Cloud platform policies are assigned to device groups in Device Trust Manager. Each cloud platform policy assigned to a group is paired with the group's certificate management policy for operational certificates. This pairing ensures that each device is provisioned with a suitable X.509 operational certificate, which it uses to authenticate to the IoT platform throughout its operational lifecycle.

Tip

Azure Event Grid is a fully managed event routing service from Microsoft that enables event-driven architectures across services. It allows applications to react in near-real time to events originating from Azure services, custom applications, or IoT devices using open protocols like MQTT.

Through the cloud platform policy, devices enrolled in Device Trust Manager can be automatically registered and routed to the appropriate Azure Event Grid endpoint. Once onboarded, devices can send and receive MQTT messages using secure, certificate-based authentication.
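The following Go program is an added example and not DigiCert's or any IoT platform vendor's code. It illustrates the two pieces the page describes: the operational certificate the certificate management policy issues, and the certificate-based authentication a device performs against the platform's MQTT endpoint once onboarded. An in-memory issuing CA stands in for the certificate management policy; `CheckOperationalCert` validates a device certificate the way a mutual-TLS endpoint would (trusted issuer, validity period, clientAuth extended key usage) and derives the identity an onboarding step would register (subject CN and certificate fingerprint); `ClientTLSConfig` is the TLS configuration a device agent would hand to its MQTT client. The issuer name, device IDs, the `mqtt.iot-platform.example` hostname and the choice of which identifier (CN or fingerprint) a platform keys on are all assumptions for this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/hex"
	"fmt"
	"math/big"
	"time"
)

// issue generates a P-256 key and signs tmpl with parent/parentKey; a nil parent means self-signed.
func issue(tmpl, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl.SerialNumber = big.NewInt(time.Now().UnixNano()) // demo-only serial; a real CA uses random 128-bit serials
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// NewIssuerCA stands in for the issuing CA behind a certificate management policy (constructed in memory).
func NewIssuerCA() (*x509.Certificate, *ecdsa.PrivateKey, error) {
	return issue(&x509.Certificate{
		Subject:               pkix.Name{CommonName: "Example Issuing CA (constructed)"},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(10 * 365 * 24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
	}, nil, nil)
}

// IssueOperationalCert issues a device's operational certificate with the device ID as subject CN;
// ekus is what separates a usable certificate from one cut from a server-certificate profile.
func IssueOperationalCert(caCert *x509.Certificate, caKey *ecdsa.PrivateKey, deviceID string, ekus []x509.ExtKeyUsage, validity time.Duration) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	return issue(&x509.Certificate{
		Subject:     pkix.Name{CommonName: deviceID},
		NotBefore:   time.Now().Add(-time.Minute),
		NotAfter:    time.Now().Add(validity),
		KeyUsage:    x509.KeyUsageDigitalSignature,
		ExtKeyUsage: ekus,
	}, caCert, caKey)
}

// DeviceIdentity is what onboarding registers with the platform; which field a platform keys on
// (subject name or certificate fingerprint) is platform-specific, so both are carried.
type DeviceIdentity struct {
	AuthenticationName string // subject CN
	Fingerprint        string // hex SHA-256 of the DER certificate
}

// CheckOperationalCert validates the certificate the way the platform's TLS endpoint will: trusted
// issuer, valid at now, and explicitly marked clientAuth. Go's Verify accepts a certificate with no
// EKU at all, so the EKU is checked explicitly because platforms generally require it to be present.
func CheckOperationalCert(cert *x509.Certificate, roots *x509.CertPool, now time.Time) (DeviceIdentity, error) {
	clientAuth := false
	for _, eku := range cert.ExtKeyUsage {
		clientAuth = clientAuth || eku == x509.ExtKeyUsageClientAuth
	}
	if !clientAuth || cert.Subject.CommonName == "" {
		return DeviceIdentity{}, fmt.Errorf("certificate %v lacks the clientAuth EKU or a subject CN", cert.Subject)
	}
	opts := x509.VerifyOptions{Roots: roots, CurrentTime: now, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}
	if _, err := cert.Verify(opts); err != nil {
		return DeviceIdentity{}, fmt.Errorf("operational certificate rejected: %w", err)
	}
	sum := sha256.Sum256(cert.Raw)
	return DeviceIdentity{AuthenticationName: cert.Subject.CommonName, Fingerprint: hex.EncodeToString(sum[:])}, nil
}

// ClientTLSConfig is what the device agent hands to its MQTT client for mutual TLS (typically port 8883);
// ServerName is a placeholder for the endpoint hostname configured in the policy.
func ClientTLSConfig(cert *x509.Certificate, key *ecdsa.PrivateKey, platformRoots *x509.CertPool) *tls.Config {
	return &tls.Config{
		Certificates: []tls.Certificate{{Certificate: [][]byte{cert.Raw}, PrivateKey: key, Leaf: cert}},
		RootCAs:      platformRoots,
		ServerName:   "mqtt.iot-platform.example", // placeholder
		MinVersion:   tls.VersionTLS12,
	}
}

func main() {
	caCert, caKey, _ := NewIssuerCA()
	cert, _, _ := IssueOperationalCert(caCert, caKey, "device-0001", []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}, 24*time.Hour)
	roots := x509.NewCertPool()
	roots.AddCert(caCert)
	fmt.Println(CheckOperationalCert(cert, roots, time.Now()))
}
```

The check worth keeping from this example is the one in `CheckOperationalCert`: a certificate issued from a server-style profile (serverAuth only), one with no extended key usage, an expired one, or one chaining to an issuer the platform does not trust all fail before the device ever reaches the MQTT endpoint, which is where these problems otherwise surface as opaque handshake errors. Offboarding is the mirror image: when a device is deleted upstream, the registered authentication name and fingerprint should be removed from the platform so the certificate can no longer be used to connect.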

What’s next?

Create a cloud platform policy