Questions tagged with AWS Command Line Interface

Content language: English

Sort by most recent

Browse through the questions and answers listed below or filter and sort to narrow down your results.

Getting error "Request is missing Authentication Token" on serverless deploy for af-south-1 region

We are using buildspec and serverless to deploy our lambdas to was. It was working fine till early morning India time. But in post build, started seeing the error "Request is missing Authentication Token". `` ``` version: 0.2 phases: install: commands: - npm install -g serverless@3.13.0 build: commands: - env="dev" && region="af-south-1" - echo $CODEBUILD_WEBHOOK_HEAD_REF - if [ "$CODEBUILD_WEBHOOK_HEAD_REF" = "refs/heads/main" ]; then env="prod"; elif [ "$CODEBUILD_WEBHOOK_HEAD_REF" = "refs/heads/uat" ]; then env="uat"; elif [ "$CODEBUILD_WEBHOOK_HEAD_REF" = "refs/heads/dev" ]; then env="dev"; fi - npm install - npm run build - rm -rf node_modules - npm install --production post_build: commands: - env="dev" && region="af-south-1" - echo $CODEBUILD_WEBHOOK_HEAD_REF - if [ "$CODEBUILD_WEBHOOK_HEAD_REF" = "refs/heads/main" ]; then env="prod"; elif [ "$CODEBUILD_WEBHOOK_HEAD_REF" = "refs/heads/uat" ]; then env="uat"; elif [ "$CODEBUILD_WEBHOOK_HEAD_REF" = "refs/heads/dev" ]; then env="dev"; region="af-south-1"; elif [ "$CODEBUILD_WEBHOOK_HEAD_REF" = "refs/heads/stage" ]; then env="stage"; fi - echo "deploying for env=$env region=$region" - serverless deploy --stage $env --region $region --verbose ``` Here's the error we are getting. ``` [Container] 2022/11/28 10:36:58 Running command serverless deploy --stage $env --region $region --verbose To ensure safe major version upgrades ensure "frameworkVersion" setting in service configuration (recommended setup: "frameworkVersion: ^3.13.0") Warning: Invalid configuration encountered at 'provider': unrecognized property 'package' Learn more about configuration validation here: http://slss.io/configuration-validation Deploying test-authorizer to stage dev (af-south-1) Excluding development dependencies for service package × Stack test-authorizer-dev failed to deploy (0s) ``` We tried to deploy on us-east-1, but it worked, it just stopped working for af-south-1 Checked the following already 1. Checking the deploy role for right permissions 2. Checking the STS token - it is active 3. Also tried to change the deployment environment on codebuild. It didn't work
1
answers
2
votes
47
views
HBL9
asked a day ago

Setting up a raspberry pi and PreTestValidation is failing

When I run the test it fails saying it cannot make the directory /temp/idt. I am not sure where exactly it is trying to make this directory though. I am running the test from terminal on my Mac but I have the latest MacOS installed and you cannot create a folder in the root anymore. I can modify a file that will create something like a shortcut there that the system perceives to be a folder but it's just an alias. Is there a way to bypass this test or change the directory location so it won't bottleneck here? the command is using a "-p" switch so in theory if I know exactly where this is being created I can just create it manually and it should overlook after that. I just can't seem to see where it should go. The details, output, and logs are below. I appreciate any input here. So simply put, I have all the prelims done, the environment: I'm running AWS CLI on my MacBook Air M2 (2022) running MacOS Ventura and the edge device is a Raspberry Pi 4 model B running 11.8. Testing suite: devicetester_greengrass_v2_4.5.11_testsuite_2.4.1_mac when I run ./devicetester_mac_x86-64 run-suite --userdata userdata.json the output is: davidosullivan@Davids-MacBook-Air bin % ./devicetester_mac_x86-64 run-suite --userdata userdata.json [INFO] [2022-11-28 05:39:34]: Running pool=pool1 idt=4.5.11 suite=GGV2Q_2.4.1 [WARNING] [2022-11-28 05:39:34]: IDT is accessing to Device Under Test with an insecure SSH method, to make it more secure you can provide publicKeyPath to device.json or resource.json file. More details can be found on AWS IoT Device Tester documentation Configure IDT settings section. [INFO] [2022-11-28 05:39:35]: Automatic updates are supported for this release of IDT, checking for updates. [INFO] [2022-11-28 05:39:35]: executionId=a8751a98-6ed6-11ed-b7fb-f293db416e41 suiteId=GGV2Q [WARNING] [2022-11-28 05:39:35]: Failed to get version of Greengrass with error exit status 1 [WARNING] [2022-11-28 05:39:35]: Device Tester is not able to check for any latest IDT test suites [INFO] [2022-11-28 05:39:35]: Using test suite "GGV2Q_2.4.1" for execution [WARNING] [2022-11-28 05:39:35]: IDT is accessing to Device Under Test with an insecure SSH method, to make it more secure you can provide publicKeyPath to device.json or resource.json file. More details can be found on AWS IoT Device Tester documentation Configure IDT settings section. time="2022-11-28T05:39:35+01:00" level=info msg="GGV2 Suite Info" hostArch=amd64 hostName=Davids-Air.home hostOs=darwin groupId=pretestvalidation testCaseId=pretestvalidation deviceId=raspberrypi time="2022-11-28T05:39:35+01:00" level=info msg="Running test case" time="2022-11-28T05:39:35+01:00" level=info msg="Setting up device for testing" time="2022-11-28T05:39:36+01:00" level=info msg="Device architecture: armv7l" time="2022-11-28T05:39:36+01:00" level=info msg="Cleaning up test resources..." time="2022-11-28T05:39:36+01:00" level=info msg="Temporary resources on DUT are successfully removed" time="2022-11-28T05:39:36+01:00" level=info msg="Cleaning up dut resources..." time="2022-11-28T05:39:36+01:00" level=info msg="Cleaning up AWS resources... This may take a while..." [ERROR] [2022-11-28 05:39:36]: Test exited unsuccessfully executionId=a8751a98-6ed6-11ed-b7fb-f293db416e41 testCaseId=pretestvalidation error=exit status 1 [INFO] [2022-11-28 05:39:36]: All tests finished. executionId=a8751a98-6ed6-11ed-b7fb-f293db416e41 [INFO] [2022-11-28 05:39:36]: ========== Test Summary ========== Execution Time: 1s Tests Completed: 1 Tests Passed: 0 Tests Failed: 1 Tests Skipped: 0 ---------------------------------- Test Groups: pretestvalidation: FAILED ---------------------------------- Failed Tests: Group Name: pretestvalidation Test Name: pretestvalidation Reason: Command '{mkdir -p /temp/idt map[] 0s}' exited with code 1. Error output: mkdir: cannot create directory ‘/temp/idt’: Permission denied . ---------------------------------- Path to AWS IoT Device Tester Report: /Users/davidosullivan/projects/idt/devicetester_greengrass_v2_mac/results/a8751a98-6ed6-11ed-b7fb-f293db416e41/awsiotdevicetester_report.xml Path to Test Execution Logs: /Users/davidosullivan/projects/idt/devicetester_greengrass_v2_mac/results/a8751a98-6ed6-11ed-b7fb-f293db416e41/logs Path to Aggregated JUnit Report: /Users/davidosullivan/projects/idt/devicetester_greengrass_v2_mac/results/a8751a98-6ed6-11ed-b7fb-f293db416e41/GGV2Q_Report.xml ================================== Note: davidosullivan@Davids-MacBook-Air bin % The Logs <testsuites name="GGV2Q results" time="1" tests="1" failures="0" skipped="0" errors="1" disabled="0"> <testsuite name="pretestvalidation" package="" tests="1" failures="0" time="1" disabled="0" errors="1" skipped="0"> <testcase classname="GGV2Q pretestvalidation" name="pretestvalidation"> <error>Command &#39;{mkdir -p /temp/idt map[] 0s}&#39; exited with code 1. Error output: mkdir: cannot create directory ‘/temp/idt’: Permission denied&#xA;.</error> </testcase> </testsuite> </testsuites> <apnreport> <awsiotdevicetesterversion>4.5.11</awsiotdevicetesterversion> <testsuiteversion>2.4.1</testsuiteversion> <signature>283938a8376e684465e29efa2a88e61c1543dfd58dff21451248d707d73403a4bd81f766e97977ca46a986384b863a4698bdbc39c58d9f6d8edc3d26d49348a7</signature> <keyname>65d77318-3995-4993-9dd5-01b329742307</keyname> <session> <testsession>958c70de-6ed6-11ed-b139-f293db416e41</testsession> <starttime>2022-11-28T05:39:04.549453+01:00</starttime> <endtime>2022-11-28T05:39:05.584253+01:00</endtime> </session> <awsproduct> <name>AWS Greengrass</name> <version></version> <features> <feature name="aws-iot-greengrass-v2-core" value="not-supported" type="required"></feature> <feature name="aws-iot-greengrass-v2-ml-component" value="not-supported" type="optional"></feature> <feature name="aws-iot-greengrass-v2-docker-application-manager" value="not-supported" type="optional"></feature> <feature name="aws-iot-greengrass-v2-stream-management-component" value="not-supported" type="optional"></feature> <feature name="aws-iot-greengrass-v2-hsi" value="not-supported" type="optional"></feature> </features> </awsproduct> <device> <sku>hbshub</sku> <name>pool1</name> <features> <feature name="arch" value="armv7l"></feature> <feature name="ml" value="no"></feature> <feature name="docker" value="no"></feature> <feature name="streamManagement" value="no"></feature> <feature name="hsi" value="hsm | no"></feature> <feature name="platform.operatingSystem" value="Linux"></feature> </features> <executionMethod>ssh</executionMethod> </device> <devenvironment> <os name="darwin"></os> </devenvironment> <qualificationsuite> <checksumkeyname>GGV2Q_mac_2.4.1</checksumkeyname> <checksum>ca8c0331d16637835af8dc2f403ffcf217a70022e6c89e119f9be53d6ec2bb7f4ca30f21984d49a3a10634b0077a2a36</checksum> </qualificationsuite> <report> <testsuites name="GGV2Q results" time="1" tests="1" failures="0" skipped="0" errors="1" disabled="0"> <testsuite name="pretestvalidation" package="" tests="1" failures="0" time="1" disabled="0" errors="1" skipped="0"> <testcase classname="GGV2Q pretestvalidation" name="pretestvalidation"> <error>Command &#39;{mkdir -p /temp/idt map[] 0s}&#39; exited with code 1. Error output: mkdir: cannot create directory ‘/temp/idt’: Permission denied&#xA;.</error> </testcase> </testsuite> </testsuites> </report> </apnreport>
1
answers
0
votes
15
views
asked a day ago

Failure in Cloudformation template [ CommandRunenr] while running CLI command for Cloudtrail

Hi Guys, I am trying to run CLI command to update a CloudTrail but stack is getting failed. Requirement is to apply advanced data events to existing CloudTrail. Please find below details of CF template: 1. CF template AWSTemplateFormatVersion: 2010-09-09 Resources: UpdateTrail: Type: AWSUtility::CloudFormation::CommandRunner Properties: Role: ec2-role-name SubnetId: subnet-XXXXXXXXX LogGroup: log-group-name Command: aws cloudtrail put-event-selectors --trail-name XXXX --region XXXX \ --advanced-event-selectors.... 2. Error Resource handler returned message: "Either the command failed to execute, the value written to /command-output.txt was invalid or the Subnet specified did not have internet access. The value written to /command-output.txt must be a non-empty single word value without quotation marks. Check cloud-init.log in the LogGroup specified for more information." 3. CLI command aws cloudtrail put-event-selectors --trail-name XXXX --region XXXX --advanced-event-selectors '[ { "Name": "S3EventSelector", "FieldSelectors": [ { "Field": "eventCategory", "Equals": ["Data"] }, { "Field": "resources.type", "Equals": ["AWS::S3::Object"] }, { "Field": "eventName", "Equals": ["PutObject","DeleteObject"] }, { "Field": "resources.ARN", "StartsWith": ["arn:aws:s3:::XX","arn:aws:s3:::XX"] } ] } ]' Note : Command runs successfully in CLI. pre-requisites for commandRunner is installed. Also, Subnet specified does have internet access. I sense, it might be the issue with command format or may be something else. Any assistance would be appreciated. Thanks
1
answers
0
votes
43
views
Pradnya
asked 5 days ago

How to get ip addresses of apigateway vpce using cdk?

**Background context / End goal:** I am trying to use cdk to create a target group that consists of the ip addresses that are associated with a vpc endpoint (for apigateway) as per this [AWS blog.][1] Ideally, I would like to be able to just lookup the associated ips using just the fact that the vpce is for the service of apigateway OR potentially using the vpce id. **Problem** I cannot find a way to get the network interface ids & ip addresses for the vpc endpoint. **Attempts** 1. I tried to use the cdk [InterfaceVpcEndpoint construct][2] static method using the fromInterfaceVpcEndpointAttributes (filtering by service). It did return the desired vpce, but unfortunately it returns [in the format of IInterfaceVpcEndpoint][3] which does not have the vpceNetworkInterfaceIds attribute that the InterfaceVpcEndpoint construct has 2. I was able to use [AwsCustomResource][4] (after consulting a stack overflow post that referenced [this example][5]) to look up the ip addresses for a given array of vpce network interface ids: ``` const vpceNetworkInterfaceIds = =['eniId1', 'eniId2']; const getEniIps = new AwsCustomResource(scope, `GetEndpointIps`, { onUpdate: { service: "EC2", action: "describeNetworkInterfaces", parameters: { NetworkInterfaceIds: vpceNetworkInterfaceIds }, physicalResourceId: PhysicalResourceId.of(Date.now().toString()) }, policy: AwsCustomResourcePolicy.fromSdkCalls({ resources: AwsCustomResourcePolicy.ANY_RESOURCE }), }); const privateIpAddresses: string[] = []; for(let i = 0; i< vpceNetworkInterfaceIds.length; i++){ const privateIpAddress: string = getNetworkInterfaceIpAddresses.getResponseField(`NetworkInterfaces.${i}.PrivateIpAddress`).toString(); privateIpAddresses.push(privateIpAddress); } return privateIpAddresses; } ``` 3. I tried to make a similar sdk call ([describeVpcEndpoints][6]), but then I encountered issues retrieving the array of NetworkInterfaceIds. ``` const getNetworkInterfaceIpAddresses = new AwsCustomResource(scope, `GetVpceNetworkInterfaceIds`, { onUpdate: { service: "EC2", action: "describeVpcEndpoints", parameters: { Filters: [ { Name: "service-name", Values: ["com.amazonaws.us-east-1.execute-api"] } ] }, physicalResourceId: PhysicalResourceId.of(Date.now().toString()) }, policy: AwsCustomResourcePolicy.fromSdkCalls({ resources: AwsCustomResourcePolicy.ANY_RESOURCE }), }); return getNetworkInterfaceIpAddresses.getResponseFieldReference(`VpcEndpoints.0.NetworkInterfaceIds`).toJSON(); ``` I tried variations of using the [Reference][7] methods of toJson, toString, Token.asXXX but was not able to figure out how to get the array of values from this custom resource. One of the errors that I got was "Vendor response doesn't contain VpcEndpoints.0.NetworkInterfaceIds key in object ....." but when I made the describeVpcEndpoints call via cli, I can definitely see that there is a VpcEndpoints.0.NetworkInterfaceIds value that should be populated. **Questions** 1. How can you get an array from the sdk call of a aws custom resource? 2. How can you debug cdk aws custom resources that make sdk calls? Logging locally only yields the tokens which is not helpful. 3. Is there a more straight forward way to get the vpceNetworkInterfaceIds of a given vpce? 4. Is there a more straight forward way to get the ip addresses for a given vpce? [1]: https://aws.amazon.com/blogs/networking-and-content-delivery/accessing-an-aws-api-gateway-via-static-ip-addresses-provided-by-aws-global-accelerator/ [2]: https://docs.aws.amazon.com/cdk/api/v1/docs/@aws-cdk_aws-ec2.InterfaceVpcEndpoint.html#vpcendpointnetworkinterfaceids [3]: https://docs.aws.amazon.com/cdk/api/v1/docs/@aws-cdk_aws-ec2.IInterfaceVpcEndpoint.html [4]: https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.custom_resources.AwsCustomResource.html#getwbrresponsewbrfielddatapath [5]: https://github.com/taimos/cdk-constructs/blob/master/lib/serverless/internal-rest-api.ts#L117 [6]: https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/EC2.html#describeVpcEndpoints-property [7]: https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.Reference.html#towbrstringwbrlist
0
answers
0
votes
52
views
asked 7 days ago

Error in lexClient->StartConversationAsync

I am currently trying to establish a stream connection between my AWSClient and a Lex Bot. I am getting the following error: ``` aws-sdk-cpp/aws-cpp-sdk-core/source/auth/signer-provider/DefaultAuthSignerProvider.cpp:48: virtual std::shared_ptr<Aws::Client::AWSAuthSigner> Aws::Auth::DefaultAuthSignerProvider::GetSigner(const String&) const: Assertion `false' failed. Aborted (core dumped) ``` when the code run through the following line: ``` lexClient->StartConversationAsync(LexRequest, OnStreamReady, OnResponseCallback, nullptr); starting.WaitOne(); ``` the entire .cpp follows: ``` #include <aws/core/Aws.h> #include <aws/core/client/AsyncCallerContext.h> #include <aws/core/utils/Outcome.h> #include <aws/core/auth/AWSCredentialsProvider.h> #include <aws/lexv2-runtime/LexRuntimeV2Client.h> #include <aws/lexv2-runtime/model/AudioInputEvent.h> #include <aws/lexv2-runtime/model/RecognizeUtteranceRequest.h> #include <aws/lexv2-runtime/model/RecognizeUtteranceResult.h> #include <aws/lexv2-runtime/model/StartConversationHandler.h> #include <aws/lexv2-runtime/model/StartConversationRequest.h> #include <aws/lexv2-runtime/model/StartConversationRequestEventStream.h> #include <aws/lex/LexRuntimeServiceClient.h> #include <aws/lex/LexRuntimeServiceRequest.h> #include <aws/lex/model/PostContentRequest.h> #include <aws/lex/model/PostContentResult.h> #include <iterator> #include <fstream> #include <chrono> #include <unistd.h> using namespace Aws::LexRuntimeV2; int SessionCount = 0; int main(int argc, char* argv[]) { std::string lexKey, lexSecret; std::string botId, botAliasId, localeId, sessionId, regionId; // bot credentials botId = "_"; botAliasId = "_"; lexKey = "_"; lexSecret = "_"; localeId = "en_US"; // starting api Aws::SDKOptions options; options.loggingOptions.logLevel = Aws::Utils::Logging::LogLevel::Info; Aws::InitAPI(options); Aws::Client::ClientConfiguration config; config.region = "us-east-1"; // creating a lex client auto lexClient = Aws::MakeUnique<LexRuntimeV2Client>("MyClient", Aws::Auth::AWSCredentials(lexKey.c_str(), lexSecret.c_str()), config); Model::StartConversationRequest LexRequest; Model::StartConversationHandler requestHandler; requestHandler.SetTranscriptEventCallback([](const Model::TranscriptEvent& ev) { std::cout << ev.GetTranscript() << std::endl; }); requestHandler.SetOnErrorCallback([](const Aws::Client::AWSError<LexRuntimeV2Errors>& error) { std::cout << "Request handler: " << error.GetMessage() << std::endl; }); LexRequest.WithLocaleId(localeId).WithBotId(botId.c_str()).WithBotAliasId(botAliasId.c_str()).WithSessionId("Blah") .WithConversationMode(Model::ConversationMode::AUDIO).WithEventStreamHandler(requestHandler); Aws::Utils::Threading::Semaphore signaling(0 /*initialCount*/, 1 /*maxCount*/); auto OnResponseCallback = [&signaling](const LexRuntimeV2Client*,const Model::StartConversationRequest&, const Model::StartConversationOutcome& outcome, const std::shared_ptr<const Aws::Client::AsyncCallerContext>&) { std::cout << "Response handler: " << outcome.GetError().GetMessage(); signaling.Release(); }; Model::StartConversationRequestEventStream* pStream = nullptr; Aws::Utils::Threading::Semaphore starting(0 /*initialCount*/, 1 /*maxCount*/); auto OnStreamReady = [&starting,&pStream](Model::StartConversationRequestEventStream& stream) { pStream = &stream; pStream->SetSignatureSeed("blah"); starting.Release(); }; lexClient->StartConversationAsync(LexRequest, OnStreamReady, OnResponseCallback, nullptr); starting.WaitOne(); std::ifstream audioFile(argv[1], std::ios_base::binary); if (!audioFile) { std::cout << "Cannot open audio file " << argv[2] << std::endl; return 0; } if (audioFile) { std:: cout << "Audio file is open: "<< std::endl; } while (!audioFile.eof()) { unsigned char buf[320 + 1]; audioFile.read((char*)buf, 320); Aws::Utils::ByteBuffer bytes(buf, audioFile.gcount()); Model::AudioInputEvent input; auto millisec_since_epoch = std::chrono::duration_cast<std::chrono::milliseconds>(std::chrono::system_clock().now().time_since_epoch()).count(); input.SetClientTimestampMillis(millisec_since_epoch); input.SetAudioChunk(bytes); input.SetContentType("audio/lpcm; sample-rate=8000; sample-size-bits=16; channel-count=1; is-big-endian=false"); pStream->WriteAudioInputEvent(input); // o erro está aqui (quando comento o StartConversation) sleep(20); } signaling.WaitOne(); // prevent the application from exiting until we're done Aws::ShutdownAPI(options); } //g++ -o main main.cpp -laws-cpp-sdk-s3 -laws-cpp-sdk-core -laws-cpp-sdk-lex -laws-cpp-sdk-lex-models -laws-cpp-sdk-lexv2-models -laws-cpp-sdk-lexv2-runtime ``` I have no idea why this is happening, and without this command i obviously can't publish events to lex, since the connection does not have started
0
answers
0
votes
20
views
asked 14 days ago