We've successfully migrated a long running lambda from Greengrass V1 to V2 and although things appear to work as expected for a while we eventually encounter the following exception:
lambda logs:
Caused by: software.amazon.awssdk.aws.greengrass.model.ResourceNotFoundError: No shadow found. {serviceInstance=0, serviceName=com.redbite.GreengrassZebraRfidAgent, currentState=RUNNING}
at jdk.internal.reflect.GeneratedConstructorAccessor20.newInstance(Unknown Source). {serviceInstance=0, serviceName=com.redbite.GreengrassZebraRfidAgent, currentState=RUNNING}
at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45). {serviceInstance=0, serviceName=com.redbite.GreengrassZebraRfidAgent, currentState=RUNNING}
at java.base/java.lang.reflect.Constructor.newInstanceWithCaller(Constructor.java:500). {serviceInstance=0, serviceName=com.redbite.GreengrassZebraRfidAgent, currentState=RUNNING}
at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:481). {serviceInstance=0, serviceName=com.redbite.GreengrassZebraRfidAgent, currentState=RUNNING}
at com.google.gson.internal.ConstructorConstructor$2.construct(ConstructorConstructor.java:91). {serviceInstance=0, serviceName=com.redbite.GreengrassZebraRfidAgent, currentState=RUNNING}
at com.google.gson.internal.bind.ReflectiveTypeAdapterFactory$Adapter.read(ReflectiveTypeAdapterFactory.java:162). {serviceInstance=0, serviceName=com.redbite.GreengrassZebraRfidAgent, currentState=RUNNING}
at software.amazon.awssdk.eventstreamrpc.EventStreamRPCServiceModel$EventStreamPostFromJsonTypeAdapter.read(EventStreamRPCServiceModel.java:112). {serviceInstance=0, serviceName=com.redbite.GreengrassZebraRfidAgent, currentState=RUNNING}
at software.amazon.awssdk.eventstreamrpc.EventStreamRPCServiceModel$EventStreamPostFromJsonTypeAdapter.read(EventStreamRPCServiceModel.java:86). {serviceInstance=0, serviceName=com.redbite.GreengrassZebraRfidAgent, currentState=RUNNING}
at com.google.gson.Gson.fromJson(Gson.java:795). {serviceInstance=0, serviceName=com.redbite.GreengrassZebraRfidAgent, currentState=RUNNING}
at com.google.gson.Gson.fromJson(Gson.java:761). {serviceInstance=0, serviceName=com.redbite.GreengrassZebraRfidAgent, currentState=RUNNING}
at com.google.gson.Gson.fromJson(Gson.java:710). {serviceInstance=0, serviceName=com.redbite.GreengrassZebraRfidAgent, currentState=RUNNING}
at com.google.gson.Gson.fromJson(Gson.java:682). {serviceInstance=0, serviceName=com.redbite.GreengrassZebraRfidAgent, currentState=RUNNING}
at software.amazon.awssdk.eventstreamrpc.EventStreamRPCServiceModel.fromJson(EventStreamRPCServiceModel.java:361). {serviceInstance=0, serviceName=com.redbite.GreengrassZebraRfidAgent, currentState=RUNNING}
at software.amazon.awssdk.eventstreamrpc.EventStreamRPCClient$1.onContinuationMessage(EventStreamRPCClient.java:109). {serviceInstance=0, serviceName=com.redbite.GreengrassZebraRfidAgent, currentState=RUNNING}
at software.amazon.awssdk.crt.eventstream.ClientConnectionContinuationHandler.onContinuationMessageShim(ClientConnectionContinuationHandler.java:41). {serviceInstance=0, serviceName=com.redbite.GreengrassZebraRfidAgent, currentState=RUNNING}
and respectively greengrass.log
2025-01-30T15:48:21.844Z [WARN] (AwsEventLoop 1) com.aws.greengrass.shadowmanager.ipc.GetThingShadowRequestHandler: handle-get-thing-shadow. Shadow does not exist. {thing name=TestDeployment, shadow name=}
software.amazon.awssdk.aws.greengrass.model.ResourceNotFoundError: No shadow found
at com.aws.greengrass.shadowmanager.ipc.GetThingShadowRequestHandler.lambda$handleRequest$0(GetThingShadowRequestHandler.java:92)
at com.aws.greengrass.ipc.common.ExceptionUtil.translateExceptions(ExceptionUtil.java:33)
at com.aws.greengrass.shadowmanager.ipc.GetThingShadowRequestHandler.handleRequest(GetThingShadowRequestHandler.java:75)
at com.aws.greengrass.shadowmanager.ipc.GetThingShadowIPCHandler.handleRequest(GetThingShadowIPCHandler.java:82)
at com.aws.greengrass.shadowmanager.ipc.GetThingShadowIPCHandler.handleRequest(GetThingShadowIPCHandler.java:28)
at software.amazon.awssdk.eventstreamrpc.OperationContinuationHandler.onContinuationMessage(OperationContinuationHandler.java:291)
at software.amazon.awssdk.crt.eventstream.ServerConnectionContinuationHandler.onContinuationMessageShim(ServerConnectionContinuationHandler.java:53)
I suspected a permission issues but can't seem to find anything wrong:
The IoT Thing certificate policy includes:
{
"Effect": "Allow",
"Action": [
"iot:GetThingShadow",
"iot:UpdateThingShadow"
],
"Resource": [
"arn:aws:iot:*:<account-id>:thing/${iot:Connection.Thing.ThingName}/shadow/*",
"arn:aws:iot:*:<account-id>:thing/${iot:Connection.Thing.ThingName}/shadow"
]
}
while the merge config for the lambda includes
"aws.greengrass.ShadowManager": {
"com.redbite.RfidMiddleware:shadow:1": {
"policyDescription": "Allows access to shadows",
"operations": [
"aws.greengrass#GetThingShadow",
"aws.greengrass#UpdateThingShadow"
],
"resources": [
"$aws/things/{iot:thingName}/shadow",
"$aws/things/{iot:thingName}/shadow/*"
]
}
}
For the reference, the kotlin code fetching the shadow is:
val getThingShadowRequest = GetThingShadowRequest().withThingName(Properties.AWS_IOT_THING_NAME()).withShadowName("")
val result = ipcClient.getThingShadow(getThingShadowRequest)
Please advise!
Replacing ${iot:Connection.Thing.ThingName} with the thing name did not make a difference I'm afraid.
What version of Java are you using?