amazon-bedrock-agentcore-samples/02-use-cases/device-management-agent/device-management

Device Management Module

This module implements the core functionality of the Device Management system, including the Lambda function that handles all MCP server tools, DynamoDB models, and testing utilities.

Components

• lambda_function.py: Main Lambda handler that implements all MCP tools
• dynamodb_models.py: DynamoDB table definitions and initialization
• synthetic_data.py: Script to generate synthetic test data
• test_lambda.py: Script to test the Lambda function locally
• deploy.sh: Deployment script for the Lambda function
• requirements.txt: Python dependencies

Setup

1. Create a .env file in this directory with the following variables:

# AWS configuration
AWS_REGION=us-west-2

# Lambda configuration
LAMBDA_FUNCTION_NAME=DeviceManagementLambda
LAMBDA_ROLE_NAME=DeviceManagementLambdaRole

# Agent Gateway IAM configuration
AGENT_GATEWAY_POLICY_NAME=AgentGatewayAccess
AGENT_GATEWAY_ROLE_NAME=AgentGatewayAccessRole

2. Install the required Python packages:

pip install -r requirements.txt

Deployment

You can deploy the Lambda function using the provided deployment script:

chmod +x deploy.sh
./deploy.sh

The deployment script performs the following actions:

• Packages the Lambda function code with dependencies
• Creates an IAM role with necessary permissions (if it doesn't exist)
• Creates or updates the Lambda function
• Configures the function with appropriate memory and timeout settings

DynamoDB Tables

The function uses the following DynamoDB tables in the configured AWS region:

• Devices: Device inventory and status
• DeviceSettings: Device configuration settings
• WifiNetworks: WiFi network configurations
• Users: User accounts and profiles
• UserActivities: User activity logs

Generate Test Data

To populate the tables with synthetic test data:

python synthetic_data.py

Test the Lambda Function

You can test the Lambda function locally using the provided test script:

python test_lambda.py

This script tests all available tools and verifies that they work correctly.

IAM Permissions

The Lambda function requires the following IAM permissions:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "dynamodb:GetItem",
        "dynamodb:Query",
        "dynamodb:Scan",
        "dynamodb:UpdateItem"
      ],
      "Resource": [
        "arn:aws:dynamodb:us-west-2:*:table/Devices",
        "arn:aws:dynamodb:us-west-2:*:table/DeviceSettings",
        "arn:aws:dynamodb:us-west-2:*:table/WifiNetworks",
        "arn:aws:dynamodb:us-west-2:*:table/Users",
        "arn:aws:dynamodb:us-west-2:*:table/UserActivities",
        "arn:aws:dynamodb:us-west-2:*:table/UserActivities/index/ActivityTypeIndex"
      ]
    }
  ]
}

Available MCP Tools

The Lambda function exposes the following MCP tools:

1. list_devices: Lists all devices in the system
2. get_device_settings: Retrieves settings for a specific device
3. list_wifi_networks: Lists WiFi networks for a specific device
4. list_users: Lists all users in the system
5. query_user_activity: Queries user activity within a time period
6. update_wifi_ssid: Updates the SSID for a WiFi network
7. update_wifi_security: Updates the security type for a WiFi network

Integration with Other Modules

• Gateway Module: The Lambda function is the target for the gateway created in the gateway module.
• Frontend Module: The frontend communicates with this Lambda function through the gateway.