- Newest
- Most votes
- Most comments
Hello,
This error looks like you have an issue with your DNS, did you configure any DNS settings or /etc/hosts file for iot.us-east-1.amazonaws.com? It seems like you've configured that to point to .o8791rg889c4o.us-east-1.cs.amazonlightsail.com
somewhere.
Cheers,
Michael
To the exact behavior that we were seeing:
- A command like "aws s3 ls" would execute successfully without issues
- The commands around "aws iot" would NOT execute successfully.
For some reason, and it is not something that we ever configured for, the DNS for the IoT endpoint was not resolving correctly. We resolved this issue by statically assigning google DNS servers on the Raspberry Pi that is hosting the IoT process.
First verify the certificate
- Run aws iot describe-endpoint --endpoint-type iot:Data-ATS.
- Inspect the returned endpointAddress. It should be something like a1234567890abc-ats.iot.us-east-1.amazonaws.com.
- Use nslookup iot.us-east-1.amazonaws.com to verify that the hostname correctly resolves to an AWS IoT IP address.
and also
Verify the IoT policy associated with your device's certificate. It needs appropriate permissions for the actions your device is trying to perform, such as connecting, publishing, subscribing, and receiving messages. You can review and update the IoT policy via the AWS IoT console or CLI
https://docs.aws.amazon.com/greengrass/v2/developerguide/device-auth.html
Relevant content
- Accepted Answerasked 3 years ago
- asked 2 years ago
- asked a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated a year ago