Hi Jon Vogel,
Thank you for taking the time to respond to the article!
Here is a rough and ready version of the code in the serverless framework, most of which is just CloudFormation anyway: https://github.com/GavL89/apigw-kinesis-proxy
As for authentication, the reality is when dealing with hardware manufacturers, a lot of them really don’t do much around security with the exception of transmitting their data over HTTPS. In this case we were limited to using API keys on API Gateway and then putting them into our LoRAWAN Gateways — that isn’t in the Github link, but relatively straightfoward to add.