使用 AWS re:Post 即表示您同意 AWS re:Post 使用條款
AWS re:Postre:Post

"Getting started with AWS IoT Core" Shadow Python scripts get connection exception

0

Using "Getting started with AWS IoT Core" to generate Python scripts. The basicPubSub.py sample script works fine. The Shadow examples, basicShadowDetailListener.py, basicShadowUpdater.py and ThingShadowEcho.py all get connection timeout exception when run.

2022-04-03 13:08:49,371 - AWSIoTPythonSDK.core.protocol.mqtt_core - ERROR - Connect timed out Traceback (most recent call last): File "/home/pi/connect_device_package/aws-iot-device-sdk-python/samples/basicShadow/basicShadowDeltaListener.py", line 110, in <module> myAWSIoTMQTTShadowClient.connect() File "/usr/local/lib/python3.9/dist-packages/AWSIoTPythonSDK/MQTTLib.py", line 1278, in connect return self._AWSIoTMQTTClient.connect(keepAliveIntervalSecond) File "/usr/local/lib/python3.9/dist-packages/AWSIoTPythonSDK/MQTTLib.py", line 520, in connect return self._mqtt_core.connect(keepAliveIntervalSecond) File "/usr/local/lib/python3.9/dist-packages/AWSIoTPythonSDK/core/protocol/mqtt_core.py", line 199, in connect raise connectTimeoutException() AWSIoTPythonSDK.exception.AWSIoTExceptions.connectTimeoutException

The IoT client and Shadow client appear to have the same connection configuration parameters

AWSIoTMQTTShadowClient configuration

myAWSIoTMQTTShadowClient.configureAutoReconnectBackoffTime(1, 32, 20) myAWSIoTMQTTShadowClient.configureConnectDisconnectTimeout(10) # 10 sec myAWSIoTMQTTShadowClient.configureMQTTOperationTimeout(5) # 5 sec

AWSIoTMQTTClient connection configuration

myAWSIoTMQTTClient.configureAutoReconnectBackoffTime(1, 32, 20) myAWSIoTMQTTClient.configureOfflinePublishQueueing(-1) # Infinite offline Publish queueing myAWSIoTMQTTClient.configureDrainingFrequency(2) # Draining: 2 Hz myAWSIoTMQTTClient.configureConnectDisconnectTimeout(10) # 10 sec myAWSIoTMQTTClient.configureMQTTOperationTimeout(5) # 5 sec

  • AWS-User-5524412
    2 年前

    Running basicPubSub.py results in a 'connack'. Running basicShadowDeltaListener.py results in a 'disconnect' with the same parameters used.

    2022-04-06 08:00:49,884 - AWSIoTPythonSDK.core.protocol.internal.workers - DEBUG - Produced [connack] event

    2022-04-06 08:02:12,820 - AWSIoTPythonSDK.core.protocol.internal.workers - DEBUG - Produced [disconnect] event

主題
物聯網 (IoT)
標籤
AWS IoT Core
語言
English
AWS-User-5524412
已提問 2 年前檢視次數 643 次
1 個回答
0

Hi,

the IoT policy that is created by the "getting started" guide in the IoT Core console does not have permissions to interact with the shadow.

  1. The shadow delta listener uses by default the client id basicShadowDeltaListener which is not allowed in the policy.
  2. The policy does not include permissions to interact with the device shadow topics

For me the following modified policy works with the basicShadowDeltaListener in case you use repost as thing name and client id:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "iot:Publish",
        "iot:Receive",
        "iot:RetainPublish"
      ],
      "Resource": [
        "arn:aws:iot:REPLACE_WITH_YOUR_AWS_REGION:REPLACE_WITH_YOUR_AWS_ACCOUNT_NUMBER:topic/sdk/test/java",
        "arn:aws:iot:REPLACE_WITH_YOUR_AWS_REGION:REPLACE_WITH_YOUR_AWS_ACCOUNT_NUMBER:topic/sdk/test/Python",
        "arn:aws:iot:REPLACE_WITH_YOUR_AWS_REGION:REPLACE_WITH_YOUR_AWS_ACCOUNT_NUMBER:topic/topic_1",
        "arn:aws:iot:REPLACE_WITH_YOUR_AWS_REGION:REPLACE_WITH_YOUR_AWS_ACCOUNT_NUMBER:topic/topic_2",
        "arn:aws:iot:REPLACE_WITH_YOUR_AWS_REGION:REPLACE_WITH_YOUR_AWS_ACCOUNT_NUMBER:topic/$aws/things/repost/shadow/*"
      ]
    },
    {
      "Effect": "Allow",
      "Action": "iot:Subscribe",
      "Resource": [
        "arn:aws:iot:REPLACE_WITH_YOUR_AWS_REGION:REPLACE_WITH_YOUR_AWS_ACCOUNT_NUMBER:topicfilter/sdk/test/java",
        "arn:aws:iot:REPLACE_WITH_YOUR_AWS_REGION:REPLACE_WITH_YOUR_AWS_ACCOUNT_NUMBER:topicfilter/sdk/test/Python",
        "arn:aws:iot:REPLACE_WITH_YOUR_AWS_REGION:REPLACE_WITH_YOUR_AWS_ACCOUNT_NUMBER:topicfilter/topic_1",
        "arn:aws:iot:REPLACE_WITH_YOUR_AWS_REGION:REPLACE_WITH_YOUR_AWS_ACCOUNT_NUMBER:topicfilter/topic_2",
        "arn:aws:iot:REPLACE_WITH_YOUR_AWS_REGION:REPLACE_WITH_YOUR_AWS_ACCOUNT_NUMBER:topicfilter/$aws/things/repost/shadow/*"
      ]
    },
    {
      "Effect": "Allow",
      "Action": "iot:Connect",
      "Resource": [
        "arn:aws:iot:REPLACE_WITH_YOUR_AWS_REGION:REPLACE_WITH_YOUR_AWS_ACCOUNT_NUMBER:client/sdk-java",
        "arn:aws:iot:REPLACE_WITH_YOUR_AWS_REGION:REPLACE_WITH_YOUR_AWS_ACCOUNT_NUMBER:client/basicPubSub",
        "arn:aws:iot:REPLACE_WITH_YOUR_AWS_REGION:REPLACE_WITH_YOUR_AWS_ACCOUNT_NUMBER:client/repost",
        "arn:aws:iot:REPLACE_WITH_YOUR_AWS_REGION:REPLACE_WITH_YOUR_AWS_ACCOUNT_NUMBER:client/sdk-nodejs-*"
      ]
    }
  ]
}

You can find more information about IoT Policies in the developer guide.

KR, Philipp

AWS
專家
Philipp S
已回答 2 年前
  • AWS-User-5524412
    2 年前

    Thanks for your response. After applying the policy changes mentioned, the connection issue still persists.

  • Philipp S 專家
    2 年前

    Did you use "repost" for thing name and client id? If not you need to modify the policy accordingly. You can also take a look at CloudWatch logs (insights) to find connection errors.

  • AWS-User-5524412
    2 年前

    Changed the "repost" to the name of my Thing

  • AWS-User-5524412
    2 年前

    Publishing the get topic to the shadow from the MQTT Test Client returns get/accepted

    $aws/things/GatewayPi4/shadow/get/accepted April 06, 2022, 12:16:07 (UTC-0700) { "state": {}, "metadata": {}, "version": 3, "timestamp": 1649272567 } $aws/things/GatewayPi4/shadow/get April 06, 2022, 12:16:07 (UTC-0700) { "message": "Hello from AWS IoT console" }

  • AWS-User-5524412
    2 年前

    publishing to the reserved shadow topics works, but subscribing to reserved topics fails.

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南

相關內容