Internet of Things (IoT)

There are billions of devices in homes, factories, oil wells, hospitals, cars, and thousands of other places. With the proliferation of devices, you increasingly need solutions to connect them, and collect, store, and analyze device data.

Recent questions

see all
1/18

Lambda component with IPC permissions in Greengrass V2

We have migrated a lambda from AWS Greengrass v1 to AWS Greengrass v2. This lambda needs to extract and decrypt a secret from Greengrass Core. How can we authorize the component to perform IPC permissions to the lambda for that? Regular components recipes have the option `ComponentConfiguration/DefaultConfiguration/accessControl`. However when we build the component out of a lambda using AWS CLI [create-component-version](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/greengrassv2/create-component-version.html) and option `--lambda-function`, there is no option to assign authorization policies. One way we tried to make it work is by using a *merge update* in our deployment (as documented [here](https://docs.aws.amazon.com/greengrass/v2/developerguide/ipc-secret-manager.html)). ``` "accessControl": { "aws.greengrass.SecretManager": { "<my-component>:secrets:1": { "policyDescription": "Credentials for server running on edge.", "operations": [ "aws.greengrass#GetSecretValue" ], "resources": [ "arn:aws:secretsmanager:us-east-1:<account-id>:secret:xxxxxxxxxx" ] } } } ``` However the end recipe of the component (in the deployment) does not display the `accessControl` (AWS Greengrass Console), so we assume it has not been *merge updated.* ``` ... "ComponentConfiguration": { "DefaultConfiguration": { "lambdaExecutionParameters": { "EnvironmentVariables": { "LOG_LEVEL": "DEBUG" } }, "containerParams": { "memorySize": 16384, "mountROSysfs": false, "volumes": {}, "devices": {} }, "containerMode": "NoContainer", "timeoutInSeconds": 30, "maxInstancesCount": 10, "inputPayloadEncodingType": "json", "maxQueueSize": 200, "pinned": false, "maxIdleTimeInSeconds": 30, "statusTimeoutInSeconds": 30, "pubsubTopics": { "0": { "topic": "dt/app/+/status/update", "type": "PUB_SUB" } } } }, ``` Any guidance here would be greatly appreciated! Thanks
1
answers
0
votes
4
views
profile picture
rodmaz
asked an hour ago

Setting up a raspberry pi and PreTestValidation is failing

When I run the test it fails saying it cannot make the directory /temp/idt. I am not sure where exactly it is trying to make this directory though. I am running the test from terminal on my Mac but I have the latest MacOS installed and you cannot create a folder in the root anymore. I can modify a file that will create something like a shortcut there that the system perceives to be a folder but it's just an alias. Is there a way to bypass this test or change the directory location so it won't bottleneck here? the command is using a "-p" switch so in theory if I know exactly where this is being created I can just create it manually and it should overlook after that. I just can't seem to see where it should go. The details, output, and logs are below. I appreciate any input here. So simply put, I have all the prelims done, the environment: I'm running AWS CLI on my MacBook Air M2 (2022) running MacOS Ventura and the edge device is a Raspberry Pi 4 model B running 11.8. Testing suite: devicetester_greengrass_v2_4.5.11_testsuite_2.4.1_mac when I run ./devicetester_mac_x86-64 run-suite --userdata userdata.json the output is: davidosullivan@Davids-MacBook-Air bin % ./devicetester_mac_x86-64 run-suite --userdata userdata.json [INFO] [2022-11-28 05:39:34]: Running pool=pool1 idt=4.5.11 suite=GGV2Q_2.4.1 [WARNING] [2022-11-28 05:39:34]: IDT is accessing to Device Under Test with an insecure SSH method, to make it more secure you can provide publicKeyPath to device.json or resource.json file. More details can be found on AWS IoT Device Tester documentation Configure IDT settings section. [INFO] [2022-11-28 05:39:35]: Automatic updates are supported for this release of IDT, checking for updates. [INFO] [2022-11-28 05:39:35]: executionId=a8751a98-6ed6-11ed-b7fb-f293db416e41 suiteId=GGV2Q [WARNING] [2022-11-28 05:39:35]: Failed to get version of Greengrass with error exit status 1 [WARNING] [2022-11-28 05:39:35]: Device Tester is not able to check for any latest IDT test suites [INFO] [2022-11-28 05:39:35]: Using test suite "GGV2Q_2.4.1" for execution [WARNING] [2022-11-28 05:39:35]: IDT is accessing to Device Under Test with an insecure SSH method, to make it more secure you can provide publicKeyPath to device.json or resource.json file. More details can be found on AWS IoT Device Tester documentation Configure IDT settings section. time="2022-11-28T05:39:35+01:00" level=info msg="GGV2 Suite Info" hostArch=amd64 hostName=Davids-Air.home hostOs=darwin groupId=pretestvalidation testCaseId=pretestvalidation deviceId=raspberrypi time="2022-11-28T05:39:35+01:00" level=info msg="Running test case" time="2022-11-28T05:39:35+01:00" level=info msg="Setting up device for testing" time="2022-11-28T05:39:36+01:00" level=info msg="Device architecture: armv7l" time="2022-11-28T05:39:36+01:00" level=info msg="Cleaning up test resources..." time="2022-11-28T05:39:36+01:00" level=info msg="Temporary resources on DUT are successfully removed" time="2022-11-28T05:39:36+01:00" level=info msg="Cleaning up dut resources..." time="2022-11-28T05:39:36+01:00" level=info msg="Cleaning up AWS resources... This may take a while..." [ERROR] [2022-11-28 05:39:36]: Test exited unsuccessfully executionId=a8751a98-6ed6-11ed-b7fb-f293db416e41 testCaseId=pretestvalidation error=exit status 1 [INFO] [2022-11-28 05:39:36]: All tests finished. executionId=a8751a98-6ed6-11ed-b7fb-f293db416e41 [INFO] [2022-11-28 05:39:36]: ========== Test Summary ========== Execution Time: 1s Tests Completed: 1 Tests Passed: 0 Tests Failed: 1 Tests Skipped: 0 ---------------------------------- Test Groups: pretestvalidation: FAILED ---------------------------------- Failed Tests: Group Name: pretestvalidation Test Name: pretestvalidation Reason: Command '{mkdir -p /temp/idt map[] 0s}' exited with code 1. Error output: mkdir: cannot create directory ‘/temp/idt’: Permission denied . ---------------------------------- Path to AWS IoT Device Tester Report: /Users/davidosullivan/projects/idt/devicetester_greengrass_v2_mac/results/a8751a98-6ed6-11ed-b7fb-f293db416e41/awsiotdevicetester_report.xml Path to Test Execution Logs: /Users/davidosullivan/projects/idt/devicetester_greengrass_v2_mac/results/a8751a98-6ed6-11ed-b7fb-f293db416e41/logs Path to Aggregated JUnit Report: /Users/davidosullivan/projects/idt/devicetester_greengrass_v2_mac/results/a8751a98-6ed6-11ed-b7fb-f293db416e41/GGV2Q_Report.xml ================================== Note: davidosullivan@Davids-MacBook-Air bin % The Logs <testsuites name="GGV2Q results" time="1" tests="1" failures="0" skipped="0" errors="1" disabled="0"> <testsuite name="pretestvalidation" package="" tests="1" failures="0" time="1" disabled="0" errors="1" skipped="0"> <testcase classname="GGV2Q pretestvalidation" name="pretestvalidation"> <error>Command &#39;{mkdir -p /temp/idt map[] 0s}&#39; exited with code 1. Error output: mkdir: cannot create directory ‘/temp/idt’: Permission denied&#xA;.</error> </testcase> </testsuite> </testsuites> <apnreport> <awsiotdevicetesterversion>4.5.11</awsiotdevicetesterversion> <testsuiteversion>2.4.1</testsuiteversion> <signature>283938a8376e684465e29efa2a88e61c1543dfd58dff21451248d707d73403a4bd81f766e97977ca46a986384b863a4698bdbc39c58d9f6d8edc3d26d49348a7</signature> <keyname>65d77318-3995-4993-9dd5-01b329742307</keyname> <session> <testsession>958c70de-6ed6-11ed-b139-f293db416e41</testsession> <starttime>2022-11-28T05:39:04.549453+01:00</starttime> <endtime>2022-11-28T05:39:05.584253+01:00</endtime> </session> <awsproduct> <name>AWS Greengrass</name> <version></version> <features> <feature name="aws-iot-greengrass-v2-core" value="not-supported" type="required"></feature> <feature name="aws-iot-greengrass-v2-ml-component" value="not-supported" type="optional"></feature> <feature name="aws-iot-greengrass-v2-docker-application-manager" value="not-supported" type="optional"></feature> <feature name="aws-iot-greengrass-v2-stream-management-component" value="not-supported" type="optional"></feature> <feature name="aws-iot-greengrass-v2-hsi" value="not-supported" type="optional"></feature> </features> </awsproduct> <device> <sku>hbshub</sku> <name>pool1</name> <features> <feature name="arch" value="armv7l"></feature> <feature name="ml" value="no"></feature> <feature name="docker" value="no"></feature> <feature name="streamManagement" value="no"></feature> <feature name="hsi" value="hsm | no"></feature> <feature name="platform.operatingSystem" value="Linux"></feature> </features> <executionMethod>ssh</executionMethod> </device> <devenvironment> <os name="darwin"></os> </devenvironment> <qualificationsuite> <checksumkeyname>GGV2Q_mac_2.4.1</checksumkeyname> <checksum>ca8c0331d16637835af8dc2f403ffcf217a70022e6c89e119f9be53d6ec2bb7f4ca30f21984d49a3a10634b0077a2a36</checksum> </qualificationsuite> <report> <testsuites name="GGV2Q results" time="1" tests="1" failures="0" skipped="0" errors="1" disabled="0"> <testsuite name="pretestvalidation" package="" tests="1" failures="0" time="1" disabled="0" errors="1" skipped="0"> <testcase classname="GGV2Q pretestvalidation" name="pretestvalidation"> <error>Command &#39;{mkdir -p /temp/idt map[] 0s}&#39; exited with code 1. Error output: mkdir: cannot create directory ‘/temp/idt’: Permission denied&#xA;.</error> </testcase> </testsuite> </testsuites> </report> </apnreport>
1
answers
0
votes
19
views
asked 3 days ago

Unable to deploy Greengrass V2 available component

**Environment:** Greengrass V2 Nucleus (2.9.1) running as Docker container. We developed one `aws.greengrass.generic` component and have successfully published 4 versions (1.0.0, 1.0.1, 1.0.2 and 1.0.3). All three versions are published, displayed in Greengrass V2 console and artifacts correctly available in the S3 bucket. ``` [2022-11-26 17:32:54] INFO - Getting project configuration from gdk-config.json [2022-11-26 17:32:54] INFO - Found component recipe file 'recipe.yaml' in the project directory. [2022-11-26 17:32:54] INFO - Found credentials in shared credentials file: ~/.aws/credentials [2022-11-26 17:32:55] INFO - Using '1.0.3' as the next version of the component '<my-component>' to create. [2022-11-26 17:32:55] INFO - Publishing the component '<my-component>' with the given project configuration. [2022-11-26 17:32:55] INFO - Uploading the component built artifacts to s3 bucket. [2022-11-26 17:32:55] INFO - Uploading component artifacts to S3 bucket: <my-bucket>. If this is your first time using this bucket, add the 's3:GetObject' permission to each core device's token exchange role to allow it to download the component artifacts. For more information, see https://docs.aws.amazon.com/greengrass/v2/developerguide/device-service-role.html. [2022-11-26 17:32:56] INFO - Successfully created the artifacts bucket '<my-bucket>' in region 'us-east-1' [2022-11-26 17:32:58] INFO - Updating the component recipe <my-component>-1.0.3. [2022-11-26 17:32:58] INFO - Creating a new greengrass <my-component>-1.0.3 [2022-11-26 17:32:58] INFO - Created private version '1.0.3' of the component in the account.'<my-component>'. ``` **However**, we apparently can only deploy version `1.0.0` successfully. All other versions fail. ``` 2022-11-26T20:19:01.427Z [INFO] (pool-2-thread-47) com.aws.greengrass.componentmanager.ComponentManager: prepare-package-start. {packageIdentifier=<my-component>-v1.0.0} ``` When we try to deploy *ANY* newer version (e.g. `1.0.3`), we always get this error: ``` 2022-11-26T20:36:10.987Z [ERROR] (pool-2-thread-51) com.aws.greengrass.deployment.DeploymentService: Error occurred while processing deployment. {deploymentId=3a4cb705-db16-4b5b-94b4-30e53f0edc9b, serviceName=DeploymentService, currentState=RUNNING} java.util.concurrent.ExecutionException: com.aws.greengrass.componentmanager.exceptions.NoAvailableComponentVersionException: No local or cloud component version satisfies the requirements Check whether the version constraints conflict and that the component exists in your AWS account with a version that matches the version constraints. If the version constraints conflict, revise deployments to resolve the conflict. Component <my-component> version constraints: thing/<thing-name> requires =1.0.3. ... 2022-11-26T20:36:20.733Z [ERROR] (pool-2-thread-9) com.aws.greengrass.deployment.DeploymentService: Deployment task failed with following errors. {DeploymentId=arn:aws:greengrass:us-east-1:<account-id>:configuration:thing/<my-thing>:5, detailed-deployment-status=FAILED_NO_STATE_CHANGE, deployment-error-types=[REQUEST_ERROR], GreengrassDeploymentId=3a4cb705-db16-4b5b-94b4-30e53f0edc9b, serviceName=DeploymentService, currentState=RUNNING, deployment-error-stack=[DEPLOYMENT_FAILURE, NO_AVAILABLE_COMPONENT_VERSION, COMPONENT_VERSION_REQUIREMENTS_NOT_MET]} com.aws.greengrass.componentmanager.exceptions.NoAvailableComponentVersionException: No local or cloud component version satisfies the requirements Check whether the version constraints conflict and that the component exists in your AWS account with a version that matches the version constraints. If the version constraints conflict, revise deployments to resolve the conflict. Component <my-component> version constraints: thing/<my-thing> requires =1.0.3. at com.aws.greengrass.componentmanager.ComponentManager.negotiateVersionWithCloud(ComponentManager.java:229) at com.aws.greengrass.componentmanager.ComponentManager.resolveComponentVersion(ComponentManager.java:164) at com.aws.greengrass.componentmanager.DependencyResolver.lambda$resolveDependencies$2(DependencyResolver.java:125) at com.aws.greengrass.componentmanager.DependencyResolver.resolveComponentDependencies(DependencyResolver.java:221) at com.aws.greengrass.componentmanager.DependencyResolver.resolveDependencies(DependencyResolver.java:123) at com.aws.greengrass.deployment.DefaultDeploymentTask.lambda$call$2(DefaultDeploymentTask.java:125) ``` As stated, the component is available in Greengrass V2 console and artifacts correctly published in S3.
4
answers
0
votes
59
views
profile picture
rodmaz
asked 4 days ago

Recent articles

see all
1/4

Popular users

see all
1/18