Bosch IoT Device Management - will be discontinued by mid 2024

AWS S3 - HTTP connection

Publish each twin event as an object in an AWS S3 bucket.

In this example, we configure an HTTP connection that publishes twin events to AWS S3 (Simple Storage Service).

Table of contents:


To follow this example you will need:

  • A Bosch IoT Things service subscription

  • An AWS S3 bucket

  • An AWS IAM user with access to S3

Create the connection

Starting at the Bosch IoT Suite UI, click the Connection entry in the left navigation.

In case it is not there, use the search, and click the star icon to pin it to your navigation bar.


Please make sure, that your connections are active. This is indicated with the plug symbol: in the example below the first connection is open and will work, the second one is disabled.


If one of your connections are closed, just open them.

Click Add to create a new connection.

  • Select HTTP from the categories.

  • Give the connection a name. Setting a name is required.

  • Click the Continue button.


Configure credentials

  • Scroll to the Coordinates section.

  • Choose hmac as the credential type.

  • Choose aws4-hmac-sha256 as the algorithm.

  • Enter the AWS region of your S3 bucket, e.g. eu-central-1.

  • Enter s3 as the AWS service name.

  • Enter the access key of the S3 user.

  • Enter the secret key of the S3 user.

  • Uncheck “Double encode and normalize path segments”.

  • Choose INCLUDED for Payload hash as header


Configure the hostname

  • Scroll to the Connection coordinates section.

  • Enter the hostname of your S3 bucket: <bucket-name>.s3.<aws-region>


Add a target

  • Scroll to the Targets section.

  • Click the Add target button.

  • Choose PUT as the HTTP verb.

  • Enter / as the HTTP path.
    Payload mapping will compute the HTTP path for each twin event so that events are stored as distinct objects

  • Add an authorization subject, e.g. integration:<solution-id>:s3.

  • Check Thing twin events under Topics to publish on address.

  • Click Save new target.


Configure payload mapping

  • Scroll to the Payload mapping section.

  • Check Enable custom JavaScript-based payload mapping.

  • Change the outgoing payload mapping to compute a unique S3 object name for each event, and set it as the path of the outgoing HTTP request via the special header http.path.
    A thing-modified event for the thing com.acme:coffee-brewer of revision 42 would create the S3 object com.acme:coffee-brewer:things:twin:events:modified:42 .

    function mapFromDittoProtocolMsgWrapper(msg) {
    let topic = msg['topic'].split('/').join(':');
    let headers = {
    'http.path': topic + ':' + msg['revision']
    let textPayload = JSON.stringify(msg);
    let bytePayload = null;
    let contentType = 'application/json';
    return Ditto.buildExternalMsg(headers, textPayload, bytePayload, contentType);

  • Click the Create button at the top right to save the connection.

Authorize the connection for twin events

Follow the steps Add a policy entry for public cloud connections.

Replace xxx from that example with the authorization subject of this connection in the policy, e.g. integration:<solution-id>:s3.

Subsequent twin modifications will create objects in the S3 bucket containing the corresponding events.