- Newest
- Most votes
- Most comments
Hi Francesco,
The error indicates that the secrets are not available on the edge device. Most probably secret manager is not able to fetch the secrets. It seems like you are configuring data source authentication. Here is a step by step guide for that - https://docs.aws.amazon.com/iot-sitewise/latest/userguide/configure-source-authentication-ggv2.html#create-secrets-ggv2.
There could be multiple reasons for this failure: 1. The Greengrass core device doesn't have policy to get secret value from cloud. 2. Either the secrets manager is not configured at all or its configured with the incorrect Secrets ARN. 3. The data source was added with wrong secrets.
Please verify following on your end and see if they are configured as expected: 1. Does the IAM role for your greengrass core device allow the "secretsmanager:GetSecretValue" action? 2. Is the expected secret's ARN configured in the secret manager component's configuration at the time of the deployment? (https://docs.aws.amazon.com/iot-sitewise/latest/userguide/configure-source-authentication-ggv2.html#deploy-secrets-ggv2) 3. Has the data source deployed with the secrets that were configured in step #2?
You can also check the greengrass.log and aws.greengrass.SecretManager.log files (located in /greengrass/v2/logs) to see if there are any warning/errors reported with respect to secret manager such as retrieving secrets, assuming a role etc.
Relevant content
- asked 10 months ago
- Accepted Answerasked 2 years ago
- Accepted Answerasked a year ago
- AWS OFFICIALUpdated 9 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
Maybe I need to add additional environment variables to the Greengrass container not specified on the DockerHub page? There is no much documentation about Docker deployments of Greengrass.