By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

ShadowManager Synchronization error

0

When ShadowManager sync shdow to cloud, I got "Missing authentication" error

2023-03-14T04:41:09.620Z [DEBUG] (Thread-6) software.amazon.awssdk.eventstreamrpc.OperationContinuationHandler: Continuation native id: -1376970208. {}
2023-03-14T04:41:09.623Z [DEBUG] (Thread-6) com.aws.greengrass.authorization.AuthorizationHandler: Hit policy with principal com.ShadowTest, operation aws.greengrass#UpdateThingShadow, resource $aws/things/rfdme-load-ecu-L0001-01/shadow/name/state. {}
2023-03-14T04:41:09.636Z [DEBUG] (Thread-6) com.networknt.schema.TypeValidator: validate( {"state":{"reported":{"state":true}}}, {"state":{"reported":{"state":true}}}, $). {}
2023-03-14T04:41:09.638Z [DEBUG] (Thread-6) com.networknt.schema.RequiredValidator: validate( {"state":{"reported":{"state":true}}}, {"state":{"reported":{"state":true}}}, $). {}
2023-03-14T04:41:09.639Z [DEBUG] (Thread-6) com.networknt.schema.PropertiesValidator: validate( {"state":{"reported":{"state":true}}}, {"state":{"reported":{"state":true}}}, $). {}
2023-03-14T04:41:09.639Z [DEBUG] (Thread-6) com.networknt.schema.RequiredValidator: validate( {"state":{"reported":{"state":true}}}, {"state":{"reported":{"state":true}}}, $). {}
2023-03-14T04:41:09.640Z [DEBUG] (Thread-6) com.networknt.schema.TypeValidator: validate( {"reported":{"state":true}}, {"state":{"reported":{"state":true}}}, $.state). {}
2023-03-14T04:41:09.641Z [DEBUG] (Thread-6) com.networknt.schema.PropertiesValidator: validate( {"reported":{"state":true}}, {"state":{"reported":{"state":true}}}, $.state). {}
2023-03-14T04:41:09.642Z [DEBUG] (Thread-6) com.networknt.schema.TypeValidator: validate( {"state":true}, {"state":{"reported":{"state":true}}}, $.state.reported). {}
2023-03-14T04:41:09.643Z [DEBUG] (Thread-6) com.networknt.schema.UnionTypeValidator: validate( {"state":true}, {"state":{"reported":{"state":true}}}, $.state.reported). {}
2023-03-14T04:41:09.644Z [DEBUG] (Thread-6) com.networknt.schema.TypeValidator: validate( {"state":true}, {"state":{"reported":{"state":true}}}, $.state.reported). {}
2023-03-14T04:41:09.645Z [DEBUG] (Thread-6) com.networknt.schema.RequiredValidator: validate( {"reported":{"state":true}}, {"state":{"reported":{"state":true}}}, $.state). {}
2023-03-14T04:41:09.645Z [DEBUG] (Thread-6) com.networknt.schema.RequiredValidator: validate( {"reported":{"state":true}}, {"state":{"reported":{"state":true}}}, $.state). {}
2023-03-14T04:41:09.646Z [DEBUG] (Thread-6) com.networknt.schema.RequiredValidator: validate( {"state":{"reported":{"state":true}}}, {"state":{"reported":{"state":true}}}, $). {}
2023-03-14T04:41:09.648Z [DEBUG] (Thread-6) com.aws.greengrass.shadowmanager.ipc.UpdateThingShadowRequestHandler: handle-update-thing-shadow. {thing name=rfdme-load-ecu-L0001-01, shadow name=state, updatedShadowStateSize=14}
2023-03-14T04:41:09.658Z [INFO] (Thread-6) com.aws.greengrass.shadowmanager.ipc.UpdateThingShadowRequestHandler: Successfully updated shadow. {service-name=com.ShadowTest, thing name=rfdme-load-ecu-L0001-01, shadow name=state, local-version=154}
2023-03-14T04:41:09.659Z [DEBUG] (Thread-6) com.aws.greengrass.shadowmanager.sync.strategy.BaseSyncStrategy: sync. Adding new sync request. {thing name=rfdme-load-ecu-L0001-01, shadow name=state, type=class com.aws.greengrass.shadowmanager.sync.model.CloudUpdateSyncRequest}
2023-03-14T04:41:09.660Z [INFO] (pool-2-thread-13) com.aws.greengrass.shadowmanager.sync.strategy.BaseSyncStrategy: sync. Executing sync request. {Type=CloudUpdateSyncRequest, thing name=rfdme-load-ecu-L0001-01, shadow name=state}
2023-03-14T04:41:09.673Z [DEBUG] (Thread-6) software.amazon.awssdk.eventstreamrpc.OperationContinuationHandler: aws.greengrass#UpdateThingShadow stream continuation closed.. {}
2023-03-14T04:41:09.695Z [DEBUG] (pool-2-thread-13) com.aws.greengrass.shadowmanager.sync.model.CloudUpdateSyncRequest: Updating cloud shadow document. {thing name=rfdme-load-ecu-L0001-01, shadow name=state, cloud-version=0, local-version=0}
2023-03-14T04:41:09.716Z [DEBUG] (pool-2-thread-13) software.amazon.awssdk.core.interceptor.ExecutionInterceptorChain: Creating an interceptor chain that will apply interceptors in the following order: [software.amazon.awssdk.core.internal.interceptor.HttpChecksumRequiredInterceptor@1a56a9c, software.amazon.awssdk.core.internal.interceptor.SyncHttpChecksumInTrailerInterceptor@1b7c148, software.amazon.awssdk.core.internal.interceptor.HttpChecksumValidationInterceptor@d39a22, software.amazon.awssdk.core.internal.interceptor.AsyncRequestBodyHttpChecksumTrailerInterceptor@1d694d, software.amazon.awssdk.core.internal.interceptor.HttpChecksumInHeaderInterceptor@4e0458, software.amazon.awssdk.awscore.interceptor.HelpfulUnknownHostExceptionInterceptor@1dc3ad8, software.amazon.awssdk.awscore.eventstream.EventStreamInitialRequestInterceptor@1d8b5cb, software.amazon.awssdk.awscore.interceptor.TraceIdExecutionInterceptor@d4e4fc]. {}
2023-03-14T04:41:09.724Z [DEBUG] (pool-2-thread-13) software.amazon.awssdk.request: Sending Request: DefaultSdkHttpFullRequest(httpMethod=POST, protocol=https, host=a3s0shx085zc58-ats.iot.ap-northeast-1.amazonaws.com, encodedPath=/things/rfdme-load-ecu-L0001-01/shadow, headers=[amz-sdk-invocation-id, User-Agent], queryParameters=[name]). {}
2023-03-14T04:41:09.744Z [DEBUG] (pool-2-thread-13) software.amazon.awssdk.http.apache.internal.net.SdkSslSocket: shutting down output of a3s0shx085zc58-ats.iot.ap-northeast-1.amazonaws.com/52.68.196.194:443. {}
2023-03-14T04:41:09.745Z [DEBUG] (pool-2-thread-13) software.amazon.awssdk.http.apache.internal.net.SdkSslSocket: closing a3s0shx085zc58-ats.iot.ap-northeast-1.amazonaws.com/52.68.196.194:443. {}    
2023-03-14T04:41:09.835Z [DEBUG] (pool-2-thread-13) software.amazon.awssdk.http.apache.internal.conn.SdkTlsSocketFactory: Unable to configure socket for ALPN. Ports other than 443 may still work.. {}
2023-03-14T04:41:09.836Z [DEBUG] (pool-2-thread-13) software.amazon.awssdk.http.apache.internal.conn.SdkTlsSocketFactory: socket.getSupportedProtocols(): [SSLv2Hello, SSLv3, TLSv1, TLSv1.1, TLSv1.2], socket.getEnabledProtocols(): [TLSv1, TLSv1.1, TLSv1.2]. {}
2023-03-14T04:41:09.979Z [DEBUG] (pool-2-thread-13) software.amazon.awssdk.http.apache.internal.net.SdkSslSocket: created: a3s0shx085zc58-ats.iot.ap-northeast-1.amazonaws.com/54.150.214.136:443. {}  
2023-03-14T04:41:10.060Z [DEBUG] (pool-2-thread-13) software.amazon.awssdk.requestId: Received failed response: 403, Request ID: 12226bdf-2fec-5774-a37e-768e2cb402c8, Extended Request ID: not available. {}
2023-03-14T04:41:10.061Z [DEBUG] (pool-2-thread-13) software.amazon.awssdk.request: Received failed response: 403, Request ID: 12226bdf-2fec-5774-a37e-768e2cb402c8, Extended Request ID: not available. {}
2023-03-14T04:41:10.069Z [DEBUG] (pool-2-thread-13) software.amazon.awssdk.core.retry.ClockSkew: Reported service date: Tue, 14 Mar 2023 04:41:10 GMT. {}
2023-03-14T04:41:10.081Z [DEBUG] (pool-2-thread-13) software.amazon.awssdk.core.retry.ClockSkew: Reported service date: Tue, 14 Mar 2023 04:41:10 GMT. {}
2023-03-14T04:41:10.093Z [DEBUG] (pool-2-thread-13) com.aws.greengrass.shadowmanager.sync.model.CloudUpdateSyncRequest: Skipping update for cloud shadow document. {thing name=rfdme-load-ecu-L0001-01, shadow name=state, cloud-version=0, local-version=0}
2023-03-14T04:41:10.095Z [ERROR] (pool-2-thread-13) com.aws.greengrass.shadowmanager.sync.strategy.BaseSyncStrategy: sync. Skipping sync request. {thing name=rfdme-load-ecu-L0001-01, shadow name=state}
com.aws.greengrass.shadowmanager.exception.SkipSyncRequestException: software.amazon.awssdk.services.iotdataplane.model.IotDataPlaneException: Missing authentication (Service: IotDataPlane, Status Code: 403, Request ID: 12226bdf-2fec-5774-a37e-768e2cb402c8)
        at com.aws.greengrass.shadowmanager.sync.model.CloudUpdateSyncRequest.execute(CloudUpdateSyncRequest.java:148)
        at com.aws.greengrass.shadowmanager.sync.SyncHandler.lambda$new$0(SyncHandler.java:109)
        at com.aws.greengrass.util.RetryUtils.runWithRetry(RetryUtils.java:50)
        at com.aws.greengrass.shadowmanager.sync.SyncHandler.lambda$new$1(SyncHandler.java:107)
        at com.aws.greengrass.shadowmanager.sync.strategy.BaseSyncStrategy.lambda$new$0(BaseSyncStrategy.java:155)
        at com.aws.greengrass.shadowmanager.sync.strategy.BaseSyncStrategy.syncLoop(BaseSyncStrategy.java:366)
        at com.aws.greengrass.shadowmanager.sync.strategy.RealTimeSyncStrategy.syncLoop(RealTimeSyncStrategy.java:77)
        at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
        at java.util.concurrent.FutureTask.run(Unknown Source)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
        at java.lang.Thread.run(Unknown Source)
Caused by: software.amazon.awssdk.services.iotdataplane.model.IotDataPlaneException: Missing authentication (Service: IotDataPlane, Status Code: 403, Request ID: 12226bdf-2fec-5774-a37e-768e2cb402c8)
        at software.amazon.awssdk.core.internal.http.CombinedResponseHandler.handleErrorResponse(CombinedResponseHandler.java:125)
        at software.amazon.awssdk.core.internal.http.CombinedResponseHandler.handleResponse(CombinedResponseHandler.java:82)
        at software.amazon.awssdk.core.internal.http.CombinedResponseHandler.handle(CombinedResponseHandler.java:60)
        at software.amazon.awssdk.core.internal.http.CombinedResponseHandler.handle(CombinedResponseHandler.java:41)
        at software.amazon.awssdk.core.internal.http.pipeline.stages.HandleResponseStage.execute(HandleResponseStage.java:40)
        at software.amazon.awssdk.core.internal.http.pipeline.stages.HandleResponseStage.execute(HandleResponseStage.java:30)
        at software.amazon.awssdk.core.internal.http.pipeline.RequestPipelineBuilder$ComposingRequestPipelineStage.execute(RequestPipelineBuilder.java:206)
        at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallAttemptTimeoutTrackingStage.execute(ApiCallAttemptTimeoutTrackingStage.java:73)
        at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallAttemptTimeoutTrackingStage.execute(ApiCallAttemptTimeoutTrackingStage.java:42)
        at software.amazon.awssdk.core.internal.http.pipeline.stages.TimeoutExceptionHandlingStage.execute(TimeoutExceptionHandlingStage.java:78)
        at software.amazon.awssdk.core.internal.http.pipeline.stages.TimeoutExceptionHandlingStage.execute(TimeoutExceptionHandlingStage.java:40)
        at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallAttemptMetricCollectionStage.execute(ApiCallAttemptMetricCollectionStage.java:50)
        at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallAttemptMetricCollectionStage.execute(ApiCallAttemptMetricCollectionStage.java:36)
        at software.amazon.awssdk.core.internal.http.pipeline.stages.RetryableStage.execute(RetryableStage.java:81)
        at software.amazon.awssdk.core.internal.http.pipeline.stages.RetryableStage.execute(RetryableStage.java:36)
        at software.amazon.awssdk.core.internal.http.pipeline.RequestPipelineBuilder$ComposingRequestPipelineStage.execute(RequestPipelineBuilder.java:206)
        at software.amazon.awssdk.core.internal.http.StreamManagingStage.execute(StreamManagingStage.java:56)
        at software.amazon.awssdk.core.internal.http.StreamManagingStage.execute(StreamManagingStage.java:36)
        at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallTimeoutTrackingStage.executeWithTimer(ApiCallTimeoutTrackingStage.java:80)
        at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallTimeoutTrackingStage.execute(ApiCallTimeoutTrackingStage.java:60)
        at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallTimeoutTrackingStage.execute(ApiCallTimeoutTrackingStage.java:42)
        at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallMetricCollectionStage.execute(ApiCallMetricCollectionStage.java:48)
        at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallMetricCollectionStage.execute(ApiCallMetricCollectionStage.java:31)
        at software.amazon.awssdk.core.internal.http.pipeline.RequestPipelineBuilder$ComposingRequestPipelineStage.execute(RequestPipelineBuilder.java:206)
        at software.amazon.awssdk.core.internal.http.pipeline.RequestPipelineBuilder$ComposingRequestPipelineStage.execute(RequestPipelineBuilder.java:206)
        at software.amazon.awssdk.core.internal.http.pipeline.stages.ExecutionFailureExceptionReportingStage.execute(ExecutionFailureExceptionReportingStage.java:37)
        at software.amazon.awssdk.core.internal.http.pipeline.stages.ExecutionFailureExceptionReportingStage.execute(ExecutionFailureExceptionReportingStage.java:26)
        at software.amazon.awssdk.core.internal.http.AmazonSyncHttpClient$RequestExecutionBuilderImpl.execute(AmazonSyncHttpClient.java:193)
        at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.invoke(BaseSyncClientHandler.java:103)
        at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.doExecute(BaseSyncClientHandler.java:171)
        at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.lambda$execute$1(BaseSyncClientHandler.java:82)
        at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.measureApiCallSuccess(BaseSyncClientHandler.java:179)
        at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.execute(BaseSyncClientHandler.java:76)
        at software.amazon.awssdk.core.client.handler.SdkSyncClientHandler.execute(SdkSyncClientHandler.java:45)
        at software.amazon.awssdk.awscore.client.handler.AwsSyncClientHandler.execute(AwsSyncClientHandler.java:56)
        at software.amazon.awssdk.services.iotdataplane.DefaultIotDataPlaneClient.updateThingShadow(DefaultIotDataPlaneClient.java:411)
        at com.aws.greengrass.shadowmanager.sync.IotDataPlaneClientWrapper.updateThingShadow(IotDataPlaneClientWrapper.java:79)
        at com.aws.greengrass.shadowmanager.sync.model.CloudUpdateSyncRequest.execute(CloudUpdateSyncRequest.java:109)
        ... 11 more

I already set the aws_access_key and secret_key.

root@ecu1051-387741:~# aws configure list
      Name                    Value             Type    Location
      ----                    -----             ----    --------
   profile                <not set>             None    None
access_key     ****************6UN2              env    
secret_key     ****************5QjL              env
    region           ap-northeast-1      config-file    ~/.aws/config

And my IAM role has policies AWSIoTFullAccess

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "iot:*",
                "iotjobsdata:*"
            ],
            "Resource": "*"
        }
    ]
}
Topics
Internet of Things (IoT)
Tags
AWS IoT GreengrassAWS IoT Core
Language
English
rePost-User-3854128
asked a year ago211 views
1 Answer
2
Accepted Answer

https://docs.aws.amazon.com/greengrass/v2/developerguide/shadow-manager-component.html#shadow-manager-component-requirements

Setting the IAM policy isn't what is needed. You need to update the IoT Policy associated with your Greengrass core's certificate.

Cheers,

Michael

AWS
EXPERT
MichaelDombrowski-AWS
answered a year ago
profile pictureAWS
EXPERT
Greg_B
reviewed a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content