AWS Lambda

KPN Things: Configure an AWS Lambda destination

Naming

Give your AWS Destination a nice name and optionally a description.

Connection details

First you need to create an AWS account (AWS Free Tier) on https://aws.amazon.com/free, or use an existing AWS account. Then follow the instructions below to create an integration in your AWS account. Keep your KPN Things Destination configuration screen open, as you will need to copy information from and to it later.

AWS: Create an integration

This is an example to integrate directly with an AWS Lambda function.

There are other alternatives, like AWS API gateway combined with an Lambda Authorizer.

Log in to your AWS account and go to Services > Lambda. There, click the Create function button and follow the steps below.

Creating a Lambda function

1. Basic information

In the first step, enter the following information.

  • Function name Enter a name that describes the purpose of your function.

  • Runtime Choose the language to use to write your function.

  • Architecture

    Choose the instruction set architecture you want for your function code.

Permissions and Advanced Settings can be left to default.

Click Create Function.

2. Code

Select the Code tab to define your code.

3. Configuration

In the Configuration tab choose the option Function URL.

Then Click Create function URL and choose your Auth type, in this case NONE.

Configuring a Function URL

Click Save. This result in Function URL.

KPN Things: Continue with Configure a AWS destination

In this step, you need to copy/paste information from AWS to Things. So pay attention, please.

Go back to the KPN Things Destination configuration screen and fill the remain fields.

  • HTTP endpoint URL Copy the Function URL from AWS into the KPN Things Destination configuration.

  • Shared secret With the shared secret you have the possibility to verify that Things has sent the data and not someone else, because with the shared secret a unique Things-Message-Token is calculated for each message. Within the Lambda function you can repeat the calculation and check whether the calculated Things-Message-Token is the same as the received Things-Message-Token. Below you can find an example of a calculation and a check in Python.

def lambda_handler(event, context):
    # This is an example.
    # Make sure you store the sharedSecret in a safe place,
    # e.g. using AWS Secret Manager.
    
    sharedSecret='[Fill in your shared secret]'
    requestBody=event['body']
    thingsMessageToken=event['headers']['things-message-token']
    input = requestBody + sharedSecret;
    
    def calculate_sha256(data):
    # Convert data to bytes if it’s not already
        if isinstance(data, str):
            data = data.encode()
        # Calculate SHA-256 hash
        sha256_hash = hashlib.sha256(data).hexdigest()
        return sha256_hash 
    
    
    if thingsMessageToken == calculate_sha256(input):
    # Define further action
        return {
            'statusCode': 201,
        }
    else:
        return {
            'statusCode': 401,

        }

Finally, go back to the KPN Things Destination configuration screen and press the Add AWS destination button to save the new Destination in KPN Things.

Now, you are finished and good to go!

PreviousDatacakeNextGoogle Cloud Run functions

Last updated

Was this helpful?