The nRF9160 DK has a size limit of 2303 bytes for receiving TLS packages. See the following contents of the mfw_nrf9160_1.2.0_release_notes.txt
file in nRF9160 modem firmware binaries (v1.2.0) for reference.
The nRF Asset Tracker sets up an IoT rule, which only publishes the cfg
section of the shadow document to a separate topic $aws/things/<thing name>/shadow/get/accepted/desired/cfg
when devices receive their state after publishing an empty message to \$aws/things/<thing name>/shadow/get <https://docs.aws.amazon.com/iot/latest/developerguide/device-shadow-mqtt.html#get-pub-sub-topic>.
The published object can be empty as shown, if the device has no shadow or if the configuration is not set:
{}
Otherwise, the message contains a top-level key cfg
and the desired device configuration as shown below:
./desired-cfg.json