Have you considered a normal socket connection, and simply AES encrypting your data during transmission? You should be able to smash a checksum of the encrypted message down to like 4 bytes, and then include a delimiter sequence to snip the checksum off the datagram.
You can use SSL to fetch the initial AES key from your backend, and then use that key in the future over normal network sockets.
Sure, you might get MITM, but who cares, if the messages are encrypted and checksummed.
Can't help with the AWS stuff, we just push messages to our own backend servers directly.