This document discusses security best practices for connecting IoT devices to AWS IoT. It recommends using TLS mutual authentication with X.509 certificates to securely connect devices. AWS IoT supports MQTT and HTTP protocols. Strong identity is ensured by generating unique certificates per device. Fine-grained access control is provided by attaching authorization policies to certificates. Mobile applications can also securely access devices via AWS Cognito identity pools.
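As an added illustration of per-device identity with fine-grained policies (not code from the document or from AWS), the Python sketch below builds a least-privilege AWS IoT policy for one device certificate and audits a policy for statements that reach beyond that device. The region, account ID, `devices/<thing>/...` topic layout and function names are assumptions made for the example.

```python
# Added example: constructed values throughout (region, account id, topic layout).
REGION, ACCOUNT = "us-east-1", "123456789012"   # placeholder account
ARN = f"arn:aws:iot:{REGION}:{ACCOUNT}"

def device_policy(thing_name):
    """Least-privilege policy for one device: its own client id and topic subtree."""
    base = f"devices/{thing_name}"               # hypothetical topic layout
    allow = lambda action, res: {"Effect": "Allow", "Action": action,
                                 "Resource": f"{ARN}:{res}"}
    return {"Version": "2012-10-17", "Statement": [
        allow("iot:Connect", f"client/{thing_name}"),
        allow("iot:Publish", f"topic/{base}/telemetry"),
        allow("iot:Subscribe", f"topicfilter/{base}/commands/*"),
        allow("iot:Receive", f"topic/{base}/commands/*"),
    ]}

def _as_list(value):
    return [value] if isinstance(value, str) else list(value)

def audit_policy(policy, thing_name):
    """Return findings for Allow statements that reach beyond this device."""
    findings = []
    for i, stmt in enumerate(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        for action in _as_list(stmt.get("Action", [])):
            if action in ("*", "iot:*"):
                findings.append(f"statement {i}: wildcard action {action}")
        for res in _as_list(stmt.get("Resource", [])):
            parts = res.split(":", 5)
            if len(parts) != 6:                  # "*" or a malformed ARN
                findings.append(f"statement {i}: unscoped resource {res}")
                continue
            kind, _, path = parts[5].partition("/")
            if kind == "client" and path != thing_name:
                findings.append(f"statement {i}: may connect as client id {path}")
            elif kind in ("topic", "topicfilter") and not path.startswith(
                    f"devices/{thing_name}/"):
                findings.append(f"statement {i}: topic outside device subtree: {path}")
    return findings

if __name__ == "__main__":
    shared = {"Version": "2012-10-17", "Statement": [   # constructed over-broad policy
        {"Effect": "Allow", "Action": "iot:*", "Resource": "*"}]}
    print(audit_policy(device_policy("sensor-42"), "sensor-42"))
    print(audit_policy(shared, "sensor-42"))
```

A policy that passes this audit limits a stolen device certificate to that one device's client ID and topics, which is the point of issuing a unique certificate per device.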