Hi there!
We want to make Lambda, SNS service calls from Greengrass V2 custom component. Issue we are am facing here is, from where we can get the secret_key and access_key. We do have gone through token exchange service. We have added this service as dependency in custom component.
Following is the method of custom component which make Lambda call.
public String invokeLambda(String functionName, JsonObject payload) {
InvokeRequest lmbRequest = new InvokeRequest().withFunctionName(functionName).withPayload(payload.toString());
LOGGER.info("AWS_CONTAINER_AUTHORIZATION_TOKEN :: " + System.getenv("AWS_CONTAINER_AUTHORIZATION_TOKEN"));
LOGGER.info("AWS_CONTAINER_CREDENTIALS_FULL_URI :: " + System.getenv("AWS_CONTAINER_CREDENTIALS_FULL_URI"));
lmbRequest.setInvocationType(InvocationType.RequestResponse);
AWSLambda lambda = AWSLambdaClientBuilder.standard().withRegion(Regions.US_WEST_2)
.withCredentials(new EC2ContainerCredentialsProviderWrapper()).build();
InvokeResult lmbResult = lambda.invoke(lmbRequest);
String resultJSON = new String(lmbResult.getPayload().array(), Charset.forName("UTF-8"));
LOGGER.info("Result from Lamdaexecution:::" + resultJSON);
return resultJSON;
}
Log is printing Token and Credential URI which you can refer in following logs.
Error : com.amazonaws.SdkClientException: Failed to connect to service
Logs of the application is as below
2023-04-12T09:41:56.208Z [WARN] (Copier) DatabaseManager: stderr. 04-12 09:41:56.208 47 W/CouchbaseLite/QUERY: [JAVA] End of query enumeration. {scriptName=services.DatabaseManager.lifecycle.Run, serviceName=DatabaseManager, currentState=RUNNING}
2023-04-12T09:41:56.258Z [WARN] (Copier) DatabaseManager: stderr. 04-12 09:41:56.257 47 W/CouchbaseLite/QUERY: [JAVA] End of query enumeration. {scriptName=services.DatabaseManager.lifecycle.Run, serviceName=DatabaseManager, currentState=RUNNING}
2023-04-12T09:41:56.327Z [WARN] (Copier) DatabaseManager: stderr. 04-12 09:41:56.326 47 W/CouchbaseLite/QUERY: [JAVA] End of query enumeration. {scriptName=services.DatabaseManager.lifecycle.Run, serviceName=DatabaseManager, currentState=RUNNING}
2023-04-12T09:41:56.336Z [INFO] (Copier) DatabaseManager: stdout. 2023-04-12 09:41:56.336 INFO 2832 --- [nio-8081-exec-6] c.s.service.impl.UpdateServiceImpl : Type:::OS Version:::00.00.02. {scriptName=services.DatabaseManager.lifecycle.Run, serviceName=DatabaseManager, currentState=RUNNING}
2023-04-12T09:41:56.379Z [INFO] (Copier) DatabaseManager: stdout. 2023-04-12 09:41:56.379 INFO 2832 --- [nio-8081-exec-6] com.softacuity.util.LambdaUtil : AWS_CONTAINER_AUTHORIZATION_TOKEN :: DNVCLW02DA54UUZX. {scriptName=services.DatabaseManager.lifecycle.Run, serviceName=DatabaseManager, currentState=RUNNING}
2023-04-12T09:41:56.379Z [INFO] (Copier) DatabaseManager: stdout. 2023-04-12 09:41:56.379 INFO 2832 --- [nio-8081-exec-6] com.softacuity.util.LambdaUtil : AWS_CONTAINER_CREDENTIALS_FULL_URI :: http://localhost:41333/2016-11-01/credentialprovider/. {scriptName=services.DatabaseManager.lifecycle.Run, serviceName=DatabaseManager, currentState=RUNNING}
2023-04-12T09:41:59.323Z [INFO] (Copier) DatabaseManager: stdout. 2023-04-12 09:41:59.321 ERROR 2832 --- [nio-8081-exec-6] c.s.controller.UpdateController : Exception !. {scriptName=services.DatabaseManager.lifecycle.Run, serviceName=DatabaseManager, currentState=RUNNING}
2023-04-12T09:41:59.324Z [INFO] (Copier) DatabaseManager: stdout. {scriptName=services.DatabaseManager.lifecycle.Run, serviceName=DatabaseManager, currentState=RUNNING}
2023-04-12T09:41:59.324Z [INFO] (Copier) DatabaseManager: stdout. com.amazonaws.SdkClientException: Failed to connect to service endpoint:. {scriptName=services.DatabaseManager.lifecycle.Run, serviceName=DatabaseManager, currentState=RUNNING}
2023-04-12T09:41:59.324Z [INFO] (Copier) DatabaseManager: stdout. at com.amazonaws.internal.EC2ResourceFetcher.doReadResource(EC2ResourceFetcher.java:112) ~[aws-java-sdk-core-1.12.445.jar!/:na]. {scriptName=services.DatabaseManager.lifecycle.Run, serviceName=DatabaseManager, currentState=RUNNING}
AWS公式更新しました 2年前
Review the greengrass log for errors at the same time /greengrass/v2/logs/greengrass.log.
Hey Michael,
on same event greengrass.log prints following.
2023-04-13T04:44:00.775Z [INFO] (pool-2-thread-1229) com.aws.greengrass.tes.CredentialRequestHandler: Received IAM credentials that will be cached until 2023-04-13T05:39:00Z. {iotCredentialsPath=/role-aliases/GreengrassCoreTokenExchangeRoleAlias/credentials}
Hey Michael,
It seems that in second attempt application able to make a call to lambda. First time only its giving mentioned error. Is there retry logic required to be implement ??
Regards, Nalay
Yes you should certainly implement retries. Please also ensure you are using the latest version of Greengrass Nucleus 2.9.5