Documentation Index
Fetch the complete documentation index at: https://mintlify.com/lamassuiot/lamassuiot/llms.txt
Use this file to discover all available pages before exploring further.
Lamassu IoT
Lamassu IoT is an IoT-first public key infrastructure (PKI) platform built for industrial environments, enabling secure device identities, automated certificate lifecycles, and integration with cloud and edge ecosystems.Quickstart
Get up and running with Lamassu in minutes
Architecture
Understand the system architecture
API Reference
Explore the REST APIs
Deployment
Deploy to production environments
Why Lamassu IoT?
Lamassu provides industrial-grade PKI capabilities designed specifically for IoT deployments at scale.Industrial-Grade Security
Hardware-backed key storage, hardened crypto engines, and auditable certificate workflows ensure your IoT infrastructure meets the highest security standards.Cloud & Edge Ready
Pluggable storage, event bus, and crypto layers support AWS, Vault, on-premises, and hybrid setups. Deploy where you need it.Operational Automation
Device onboarding, policy management, and renewal flows are designed for large IoT fleets. Automate certificate lifecycle operations end-to-end.Developer Friendly
SDKs, connectors, and well-defined APIs accelerate integrations with existing platforms and infrastructure.Key Features
Certificate Authority Management
Create and manage CAs with flexible issuance profiles and policies
Device Identity Management
Track device lifecycles, identities, and certificate bindings
EST Protocol Support
RFC 7030 enrollment for automated device certificate provisioning
Key Management Service
Pluggable crypto engines supporting Software, AWS KMS, PKCS#11, and Vault
Advanced Filtering
JSONPath-based filtering and sorting across all resources
Cloud Connectors
Native integration with AWS IoT and other cloud platforms
Architecture Overview
Lamassu follows a microservices architecture with pluggable components:- Backend Services — CA, Device Manager, DMS Manager, KMS, Alerts, Validation Authority
- Crypto Engines — Software, AWS KMS, PKCS#11, HashiCorp Vault
- Storage — PostgreSQL with JSONB support for metadata
- Event Bus — AMQP (RabbitMQ) or AWS EventBridge
- Connectors — AWS IoT, extensible for custom integrations
Quick Links
Managing CAs
Create and configure Certificate Authorities
Device Lifecycle
Manage device registration and enrollment
EST Enrollment
Set up automated device enrollment
Crypto Engines
Configure pluggable crypto backends
Security
Security best practices and hardening
Go SDK
Integrate with the Go SDK
Community & Support
- Documentation: https://www.lamassu.io/docs/
- GitHub Issues: github.com/lamassuiot/lamassuiot/issues
- GitHub Discussions: github.com/lamassuiot/lamassuiot/discussions