By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Verifying Rule destination on AWS IOT for Telegram Bot

0

I am trying to set up a simple service where I send messages from an edge device towards AWS IOT. AWS IOT then has a rule functionality (https://docs.aws.amazon.com/iot/latest/developerguide/iot-rules.html) that allows me to route that message towards a web app or service.

I have managed to do is to send messages to a topic on AWS IOT Core and save them in a S3 Bucket. Now I am trying to set up a rule to route them to Telegram. I followed a Telegram Bot tutorial and obtained a link https://api.telegram.org/bot<bot token>/sendMessage?chat_id=<chat id>&text=<my message>. I have a bot token and chat id entered in. If I substitute <my message> with my personal message and add to that my browser, my telegram channel will get the message.

I am trying to have custom messages to my telegram channel based on received messages on MQTT, AWS IoT Rules Engine requires a confirmation that I can access the data sent to that endpoint. The Rules Engine issues a challenge message to the specified endpoint with a token. If I can get the token and send that back to Rules Engine, then I can prove that I have access to the data on the receiving side, which would complete the confirmation process. The message has a format like this: HTTP POST {confirmationUrl}/?confirmationToken={confirmationToken}

I am seriously confused how to verify that with the link from Telegram above. According to AWS, if you control that endpoint, you can simply look in your service logs for POST requests to that resource with the confirmationToken URI query, extract that token value, and paste it back into the AWS IoT console. I guess my main questions based on the telegram link I have above would be:

  1. What is the HTTPS Endpoint I should enter for my rule action here?
  2. What is the Confirmation Url I should enter for my rule action here?
  3. How would I check for the confirmation token? I have no idea how to open the service log.
Topics
Internet of Things (IoT)
Tags
AWS IoT CoreInternet of Things (IoT)
Language
English
lohkp
asked 2 years ago470 views
2 Answers
0

Thanks for the details regarding the question on the Rules Engine HTTP action. The confirmation process is required to ensure that unauthorized endpoints are not sent traffic from AWS IoT Core., hence the control plane method for sending the confirmation token as a specific query string (and body) key and value. The service logs in question would be with the endpoint, which in this case would be Telegram.

I haven't tested with Telegram but in looking at the API, my guess that since the API URI is https://{confirmation url}/?confirmationToken={confirmation token} (where the URL could include the bot token id), it would still fail on only seeing the ?confirmationToken={confirmation token} param/value without matching the API parameters.

One alternative is you could move the logic of sending messages to another rules action such as AWS Lambda (lambda action) or AWS Fargate (HTTP listener that then reformats the message and sends to Telegram via the HTTPS action and validation process above). So, store the credentials and logic to read the message from AWS IoT Core and transform to an HTTP POST that is valid for Telegram.

Interested in what you come up, please let me know how it works out.

AWS
Gavin_A
answered 2 years ago
0

Hi,

I've checked with Telegram Bot API and accessing the service logs isn't possible.

I've switch to AWS Lambda and it works!

lohkp
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content