View a markdown version of this page

Development with Matter - AWS Prescriptive Guidance
Using AlexaAWS Private CA support for MatterManaged integrations with AWS IoT Device Management

Development with Matter

Using Alexa

Amazon offers a comprehensive suite of tools for Matter development. These tools provide an expedited path to build Matter products that are compatible with all major ecosystems and that work seamlessly with Amazon Alexa.

Program: Works with Alexa

This program ensures your Alexa-connected devices provide a great customer experience. The Works with Alexa (WWA) badge increases customer confidence, which helps drive preference for your certified devices. For more information, see Announcing Matter Launch and Introducing Works with Alexa (WWA) for Matter devices (Amazon blog post).

SDK: Develop Matter with Alexa

This SDK lets you add local Matter connectivity to your device while also including managed cloud connectivity, business intelligence, and OTA support. For more information, see Get the most out of Matter with Alexa.

Kit: Alexa Ambient Home Developer Kit

This kit helps you integrate with devices across protocols in order to build an ambient and unified smart home with Alexa. For more information, see Amazon Alexa.

Endpoint: Commissionable Endpoint

For skill-connected Matter devices, the Commissionable Endpoint API creates a local, Matter-based connection to Alexa devices without any steps required by your customer with their permission. For more information, see Alexa.Commissionable Interface 1.0 (Alexa Skills Kit).

AWS Private CA support for Matter

AWS Private Certificate Authority (AWS Private CA) provides guidance on using the Matter standard.

DAC for Matter

Matter requires a device attestation certificate (DAC), which must be issued by a device attestation CA that is compliant with the Matter public key infrastructure (PKI) certificate policy (CP). Device vendors can use AWS Private CA to do the following:

  • Host the Product Attestation Authority (PAA) certificate authority (CA)

  • Host the Product Attestation Intermediate (PAI) CA

  • Issue, sign and maintain each device's DAC

For more information, see Use AWS Private Certificate Authority to issue device attestation certificates for Matter in the AWS Security Blog.

Node Operational Certificates (NOC)

In addition to device attestation, AWS Private CA supports issuing Node Operational Certificates (NOCs), which are used to secure communication within a Matter fabric. AWS provides Java samples for activating a root CA and subordinate CA for NOCs and creating a NOC.

For more information, see Using the AWS Private CA API to implement Matter certificates in the AWS Private Certificate Authority documentation.

CRL Revocation Support (Matter version 1.2 and later)

Matter version 1.2 introduced Device Attestation Certificate (DAC) revocation using Certificate Revocation Lists (CRLs). When enabling CRL revocation for CAs that issue Matter certificates, set OmitExtension to true in the CrlConfiguration object within the CrlDistributionPointExtensionConfiguration structure. In Matter, the CRL Distribution Point (CDP) URI is not embedded in certificates but is instead fetched from the Matter Distributed Compliance Ledger (DCL). You must upload the CDP URI to the Matter DCL for discovery during DAC validation.

Infrastructure for Matter

AWS provides an example that demonstrates the use of AWS Cloud Development Kit (AWS CDK) to set up PKI infrastructure for Matter. You use AWS Private CA to meet the requirements of the Matter PKI CP. For more information, see Matter PKI CDK project on GitHub.

Java samples

AWS Private CA provides Java samples for creating Matter-compliant Product Attestation Authority (PAA) certificates, Product Attestation Intermediate (PAI) certificates, and Device Attestation Certificates (DACs). For more information, see Using the AWS Private CA API to implement the Matter standard (Java examples) in the AWS Private Certificate Authority documentation.

Guide for Matter PKI compliance

This Matter PKI Compliance Guide explains how to implement and demonstrate compliance with the CSA Matter PKI CP requirements. It provides information about how you can use to AWS Private CA to create and operate Matter-compliant Certificate Authorities (CAs).

Managed integrations with AWS IoT Device Management

AWS IoT Device Management includes the managed integrations feature, which provides a unified interface for onboarding and managing diverse IoT devices regardless of connection type (direct, hub-based, or cloud-to-cloud).

The following are key capabilities relevant to Matter:

  • Device SDKs supporting ZigBee, Z-Wave, Matter, and Wi-Fi protocols

  • More than 80 device data model templates based on the AWS implementation of the Matter data model standard

  • Partner-built cloud-to-cloud (C2C) connectors

  • Unified device control across multiple brands and protocols

  • Available in Canada (Central), Europe (Ireland), and Middle East (UAE) regions

For more information, see What is managed integrations for AWS IoT Device Management?