Amazon Sidewalk Program Security Requirements
Any terms not defined here will have the meaning set forth in the AWS Customer Agreement or the AWS Service Terms.
You agree that you and your AS Devices shall comply with the following:
-
You will implement all reasonable security measures to ensure that no third party may gain unauthorized access from your AS Device to Amazon Sidewalk, any Amazon Sidewalk Content, or any data intended for or delivered by Amazon Sidewalk;
-
You will not use Amazon Sidewalk, the Services, or AS Devices for the purpose of monitoring, and will not monitor, the availability, performance, or functionality of any of our products or services;
-
You will implement in your AS Devices the Amazon Sidewalk Content that we may require for firmware update, reporting, or debugging purposes and will report such metrics or data to us;
-
You must ensure the AS Device firmware is updated to fix known security vulnerabilities;
-
Your AS Devices will use a supported version of the Amazon Sidewalk Software Development Kit (Long Term Support (LTS) SDK), and if we notify developers of an update to the minimum LTS SDK version (including by website publication and/or e-mail), you will upgrade to such updated LTS SDK (or later version), within a period of 120 days of such notice;
-
You will not remove, disable, modify, circumvent, or interfere with any of the features or functionality we make available through Amazon Sidewalk;
-
You will not facilitate or attempt to gain access to Amazon Sidewalk through any means other than through the provisioning and secure authentication methods we specify, and you will not disable, modify, circumvent, or avoid any security mechanism or protocol of Amazon Sidewalk or the Services;
-
You will design update mechanisms so that they are secure;
-
You will promptly (and in any event within any timeframes we expressly specify) update your AS Devices with any updates we might require to any Amazon Sidewalk Content incorporated into your AS Devices and you will enable and not prevent or interfere with any over-the-air updates we require to such Amazon Sidewalk Content;
-
You will protect the secrecy of any Amazon Sidewalk Content consisting of private cryptographic keys and solely handle and install those private cryptographic keys onto an AS Device by following our technical security requirements for private cryptographic keys;
-
You must immediately contact us via e-mail if you become aware that any Amazon Sidewalk Content consisting of one or more private cryptographic keys were actually, may have been, or may in the future be exposed, compromised, inadvertently disclosed, or otherwise handled in a manner inconsistent with our technical requirements published on the Amazon Sidewalk Documentation.
-
If you suspect or become aware of any security vulnerability related to Your Content or AS Devices that may adversely affect Amazon Sidewalk or End Users’ use of or access to Amazon Sidewalk, then you will immediately notify us and will take all appropriate steps to remedy such vulnerability, including cooperating with us.