Chapter 16. Calling external services
This chapter covers
- Using external APIs in Lambda functions
- Using AWS KMS to secure third-party credentials in Lambda functions
- Calling IFTTT from a Lambda function
- Using AWS Lambda to send a message to a Slack team
- Using the GitHub API from a Lambda function
In the previous chapter, you learned how to use Lambda functions to automate management activities on your infrastructure, react to alarms, and automatically deploy other functions.
Now you’ll extend the reach of your possibilities with common patterns and practical examples of how you can securely call external services, such as IFTTT (If This Then That), Slack, or GitHub from a Lambda function.
Storing secrets such as passwords or API keys inside your code is never a good approach, because during the lifecycle of the application you may accidentally give access to the code (and the secrets) to non-authorized people. With AWS Lambda you can easily use AWS Key Management Service (KMS), a service that makes it easy for you to create and control encryption keys and to encrypt your data. AWS KMS uses hardware security modules (HSMs) to protect the security of your keys.
Tip
HSMs are pieces of hardware that provide cryptographic functions, such as encryption, decryption, key generation, and physical tamper-resistance. For more information on HSMs, visit https://safenet.gemalto.com/data-encryption/hardware-security-modules-hsms/.