Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

Greengrass V2 continuously giving me MqttProxyIPCAgent Not Authorized

0

My component:

---
RecipeFormatVersion: "2020-01-25"
ComponentName: com.savic.Telemetry
ComponentVersion: 1.0.12
ComponentDescription: Vehicle telemetry consisting of CAN and additional messages
ComponentPublisher: ##############
ComponentConfiguration:
  DefaultConfiguration:
    Environment: nonprod
    accessControl:
      aws.greengrass.ipc.mqttproxy:
        com.savic.Telemetry:pubsub:2:
          policyDescription: Allows access to publish to telemetry topic
          operations:
            - aws.greengrass#PublishToIoTCore
          resources:
            - savicmc/{configuration:/Environment}/telemetry/events
Manifests:
  - Platform:
      os: linux
    Lifecycle:
      Setenv:
        SAVICMC_ENV: "{configuration:/Environment}"
        SAVIC_SENDLOG_PATH: "/var/log/sendLog.txt"
        SAVIC_SAMPLE_RATE: 10
        SAVIC_TELEMETRY_TOPIC: "savicmc/{configuration:/Environment}/telemetry/events"
      Install:
        RequiresPrivilege: true
        script: python3 -m pip install --user awsiotsdk
      Run:
        RequiresPrivilege: true
        script: python3 -u {artifacts:path}/telemetry.py
    Artifacts:
      - Uri: s3://greengrass-components-#############-############/artifacts/com.savic.Telemetry/1.0.12/telemetry.py
        Permission:
          Execute: OWNER

(NOTE: I also tried a variation of the accessControl:

      aws.greengrass.ipc.mqttproxy:
        com.savic.Telemetry:mqttproxy:2:

(note: pubsub vs. mqttproxy)

However, in my greengrass.log, I am getting the following:

2022-01-24T06:29:45.178Z [INFO] (Thread-8) software.amazon.awssdk.eventstreamrpc.RpcServer: New connection code [AWS_ERROR_SUCCESS] for [Id 1141, Class ServerConnection, Refs 1](2022-01-24T06:29:45.178120Z) - <null>. {}
2022-01-24T06:29:45.181Z [INFO] (Thread-8) software.amazon.awssdk.eventstreamrpc.ServiceOperationMappingContinuationHandler: aws.greengrass#GreengrassCoreIPC authenticated identity: com.savic.Telemetry. {}
2022-01-24T06:29:45.184Z [INFO] (Thread-8) software.amazon.awssdk.eventstreamrpc.ServiceOperationMappingContinuationHandler: Connection accepted for com.savic.Telemetry. {}
2022-01-24T06:29:45.185Z [INFO] (Thread-8) software.amazon.awssdk.eventstreamrpc.ServiceOperationMappingContinuationHandler: Sending connect response for com.savic.Telemetry. {}
2022-01-24T06:29:45.191Z [INFO] (Thread-8) com.aws.greengrass.builtin.services.mqttproxy.MqttProxyIPCAgent: Not Authorized. {error=Principal com.savic.Telemetry is not authorized to perform aws.greengrass.ipc.mqttproxy:aws.greengrass#PublishToIoTCore on resource savicmc/nonprod/telemetry/events}

Any ideas why I am getting the Not Authorized?

Themen
Internet der Dinge (IoT)
Tags
AWS IoT GreengrassAWS IoT Core
Sprache
English
Sash
gefragt vor 2 Jahren439 Aufrufe
2 Antworten
0

I don't think you can use the Environment configuration variable in the definition of the policy resources. I think you will end up with "savicmc/{configuration:/Environment}/telemetry/events" as the resource. Please check the component's configuration using the console or the Greengrass CLI.

profile pictureAWS
EXPERTE
Greg_B
beantwortet vor 2 Jahren
0

Were you able to fix this? I'm also having the same issue

Jose
beantwortet vor 7 Monaten

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt