- Newest
- Most votes
- Most comments
Hi. This video might be a good one to help get you going: https://www.youtube.com/watch?v=z8T4hAERuOg
The sample package i download will only work if i unzip it to my root directory
I'm not sure what's going wrong, but this shouldn't be the case. As you can see in the video, it's not unzipped to the root directory. What operating system are you using?
but, it will not work at all if i change or omit the following paramaters: client_id, topic
When you do the "Connect one device" flow to create the device and the connection kit, the AWS IoT Core Policy that's created is restricted to only allow particular client IDs and particular topics. There's a copy of it in your connection kit. In the AWS IoT Core console, you can navigate to Manage->Security->Policies to see the policy. It should look like this:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"iot:Publish",
"iot:Receive"
],
"Resource": [
"arn:aws:iot:us-east-1:001122334455:topic/sdk/test/java",
"arn:aws:iot:us-east-1:001122334455:topic/sdk/test/python",
"arn:aws:iot:us-east-1:001122334455:topic/sdk/test/js"
]
},
{
"Effect": "Allow",
"Action": [
"iot:Subscribe"
],
"Resource": [
"arn:aws:iot:us-east-1:001122334455:topicfilter/sdk/test/java",
"arn:aws:iot:us-east-1:001122334455:topicfilter/sdk/test/python",
"arn:aws:iot:us-east-1:001122334455:topicfilter/sdk/test/js"
]
},
{
"Effect": "Allow",
"Action": [
"iot:Connect"
],
"Resource": [
"arn:aws:iot:us-east-1:001122334455:client/sdk-java",
"arn:aws:iot:us-east-1:001122334455:client/basicPubSub",
"arn:aws:iot:us-east-1:001122334455:client/sdk-nodejs-*"
]
}
]
}
So only a limited collection of client IDs and topics can work.
The pubsub example in the SDK doesn't inherently have this limitation which is why its documentation doesn't mention it.
Good morning rePost-User-5601237!
Really sorry about your underwhelming first experience with the IoT Core.
Regarding your first issue (The sample package i download will only work if i unzip it to my root directory), here is a tricky (python) detail that can give you unpleasant surprises: when you run the following command from your /myhome
directory:
python3 aws-iot-device-sdk-python-v2/samples/pubsub.py \
--endpoint endpoint-ats.iot.region.amazonaws.com \
--ca_file root-CA.crt \
--cert MyThing1.cert.pem \
--key MyThing1.private.key \
--client_id basicPubSub \
--topic sdk/test/python \
--count 0
Python considers the directory from where you launch your script as the current working directory, So, in this example, your python script pubsub.py
will be executed normally (because you specified the file relative path), but as for the ca, cert and key files, because you just gave file names, Python will look for them in your current working directory (which is /myhome
, not /myhome/aws-iot-device-sdk-python-v2/samples/
). This is why you have a 'file not found' error.
So in reality, you can clone the samples to any specific location in your local environment and execute the code as is, but you just have to make sure that you
- either copy your ca, cert and key files to the
/samples
directory and run pubsub.py script directly from there (cd aws-iot-device-sdk-python-v2/samples/
thenpython3 pubsub.py [arguments]
) - or copy your ca, cert and key files to the location from where you intend to launch the script (
/myhome
) and execute the pubsub.py script with a relative path (python3 aws-iot-device-sdk-python-v2/samples/pubsub.py [arguments]
), just like you did.
As for the other issues, I second @greg_B explanations in the answer thread. You have to check the policies attached to your certificate in the console. They usually restrict Pub/Sub operations to limited clientId ranges (related to your thingName) to avoid malicious use of compromised certificates by unknown 3rd party clients.
Have a great week!
Check out the AWS IoT training lab at https://mqttlab.iotsim.io/aws It has many examples to guide you, including videos, sample scripts, and if you pay the $10, an interactive lab to try things out. Good luck.
Relevant content
- asked 8 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated 8 months ago