diff --git a/lambda-events/Cargo.toml b/lambda-events/Cargo.toml
index dd04460f..41885e52 100644
--- a/lambda-events/Cargo.toml
+++ b/lambda-events/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "aws_lambda_events"
-version = "1.0.3"
+version = "1.1.0"
 rust-version = "1.84.0"
 description = "AWS Lambda event definitions"
 authors = [
diff --git a/lambda-events/src/event/iot/mod.rs b/lambda-events/src/event/iot/mod.rs
index 81123b6e..5fe14f56 100644
--- a/lambda-events/src/event/iot/mod.rs
+++ b/lambda-events/src/event/iot/mod.rs
@@ -54,6 +54,10 @@ pub struct IoTCoreProtocolData {
 pub struct IoTCoreTlsContext {
     #[serde(default)]
     pub server_name: Option<String>,
+    #[serde(default)]
+    pub x509_certificate_pem: Option<String>,
+    #[serde(default)]
+    pub principal_id: Option<String>,
     /// Catchall to catch any additional fields that were present but not explicitly defined by this struct.
     /// Enabled with Cargo feature `catch-all-fields`.
     /// If `catch-all-fields` is disabled, any additional fields that are present will be ignored.
@@ -91,6 +95,10 @@ pub struct IoTCoreHttpContext {
 pub struct IoTCoreMqttContext {
     #[serde(default)]
     pub client_id: Option<String>,
+    ///  X.509 custom authorizer requests don't include a password field.
+    /// Default to empty `Vec<u8>` when absent.
+    /// Serializing result will be `password: ""`
+    #[serde(default)]
     pub password: Base64Data,
     #[serde(default)]
     pub username: Option<String>,
@@ -158,6 +166,16 @@ mod test {
         assert_eq!(parsed, reparsed);
     }
 
+    #[test]
+    #[cfg(feature = "iot")]
+    fn example_iot_custom_auth_request_x509() {
+        let data = include_bytes!("../../fixtures/example-iot-custom-auth-request-x509.json");
+        let parsed: IoTCoreCustomAuthorizerRequest = serde_json::from_slice(data).unwrap();
+        let output: String = serde_json::to_string(&parsed).unwrap();
+        let reparsed: IoTCoreCustomAuthorizerRequest = serde_json::from_slice(output.as_bytes()).unwrap();
+        assert_eq!(parsed, reparsed);
+    }
+
     #[test]
     #[cfg(feature = "iot")]
     fn example_iot_custom_auth_response() {
diff --git a/lambda-events/src/fixtures/example-iot-custom-auth-request-x509.json b/lambda-events/src/fixtures/example-iot-custom-auth-request-x509.json
new file mode 100644
index 00000000..cd31955f
--- /dev/null
+++ b/lambda-events/src/fixtures/example-iot-custom-auth-request-x509.json
@@ -0,0 +1,21 @@
+{
+  "token": "aToken",
+  "signatureVerified": true,
+  "protocols": [
+    "tls",
+    "mqtt"
+  ],
+  "protocolData": {
+    "tls": {
+      "serverName": "serverName",
+      "x509CertificatePem": "x509CertificatePem",
+      "principalId": "principalId"
+    },
+    "mqtt": {
+      "clientId": "myClientId"
+    }
+  },
+  "connectionMetadata": {
+    "id": "UUID"
+  }
+}
\ No newline at end of file