使用 AWS re:Post 即表示您同意 AWS re:Post 使用條款
AWS re:Postre:Post

Greengrass V2 # Token Exchange Service # Lambda Invoke

0

Hi there!

We want to make Lambda, SNS service calls from Greengrass V2 custom component. Issue we are am facing here is, from where we can get the secret_key and access_key. We do have gone through token exchange service. We have added this service as dependency in custom component.

Following is the method of custom component which make Lambda call.

public String invokeLambda(String functionName, JsonObject payload) {
	InvokeRequest lmbRequest = new InvokeRequest().withFunctionName(functionName).withPayload(payload.toString());
	LOGGER.info("AWS_CONTAINER_AUTHORIZATION_TOKEN  :: " + System.getenv("AWS_CONTAINER_AUTHORIZATION_TOKEN"));
	LOGGER.info("AWS_CONTAINER_CREDENTIALS_FULL_URI :: " + System.getenv("AWS_CONTAINER_CREDENTIALS_FULL_URI"));
	lmbRequest.setInvocationType(InvocationType.RequestResponse);

	AWSLambda lambda = AWSLambdaClientBuilder.standard().withRegion(Regions.US_WEST_2)
			.withCredentials(new EC2ContainerCredentialsProviderWrapper()).build();
	InvokeResult lmbResult = lambda.invoke(lmbRequest);
	String resultJSON = new String(lmbResult.getPayload().array(), Charset.forName("UTF-8"));
	LOGGER.info("Result from Lamdaexecution:::" + resultJSON);
	return resultJSON;
}

Log is printing Token and Credential URI which you can refer in following logs.

Error : com.amazonaws.SdkClientException: Failed to connect to service

Logs of the application is as below

2023-04-12T09:41:56.208Z [WARN] (Copier) DatabaseManager: stderr. 04-12 09:41:56.208 47 W/CouchbaseLite/QUERY: [JAVA] End of query enumeration. {scriptName=services.DatabaseManager.lifecycle.Run, serviceName=DatabaseManager, currentState=RUNNING} 2023-04-12T09:41:56.258Z [WARN] (Copier) DatabaseManager: stderr. 04-12 09:41:56.257 47 W/CouchbaseLite/QUERY: [JAVA] End of query enumeration. {scriptName=services.DatabaseManager.lifecycle.Run, serviceName=DatabaseManager, currentState=RUNNING} 2023-04-12T09:41:56.327Z [WARN] (Copier) DatabaseManager: stderr. 04-12 09:41:56.326 47 W/CouchbaseLite/QUERY: [JAVA] End of query enumeration. {scriptName=services.DatabaseManager.lifecycle.Run, serviceName=DatabaseManager, currentState=RUNNING} 2023-04-12T09:41:56.336Z [INFO] (Copier) DatabaseManager: stdout. 2023-04-12 09:41:56.336 INFO 2832 --- [nio-8081-exec-6] c.s.service.impl.UpdateServiceImpl : Type:::OS Version:::00.00.02. {scriptName=services.DatabaseManager.lifecycle.Run, serviceName=DatabaseManager, currentState=RUNNING} 2023-04-12T09:41:56.379Z [INFO] (Copier) DatabaseManager: stdout. 2023-04-12 09:41:56.379 INFO 2832 --- [nio-8081-exec-6] com.softacuity.util.LambdaUtil : AWS_CONTAINER_AUTHORIZATION_TOKEN :: DNVCLW02DA54UUZX. {scriptName=services.DatabaseManager.lifecycle.Run, serviceName=DatabaseManager, currentState=RUNNING} 2023-04-12T09:41:56.379Z [INFO] (Copier) DatabaseManager: stdout. 2023-04-12 09:41:56.379 INFO 2832 --- [nio-8081-exec-6] com.softacuity.util.LambdaUtil : AWS_CONTAINER_CREDENTIALS_FULL_URI :: http://localhost:41333/2016-11-01/credentialprovider/. {scriptName=services.DatabaseManager.lifecycle.Run, serviceName=DatabaseManager, currentState=RUNNING} 2023-04-12T09:41:59.323Z [INFO] (Copier) DatabaseManager: stdout. 2023-04-12 09:41:59.321 ERROR 2832 --- [nio-8081-exec-6] c.s.controller.UpdateController : Exception !. {scriptName=services.DatabaseManager.lifecycle.Run, serviceName=DatabaseManager, currentState=RUNNING} 2023-04-12T09:41:59.324Z [INFO] (Copier) DatabaseManager: stdout. {scriptName=services.DatabaseManager.lifecycle.Run, serviceName=DatabaseManager, currentState=RUNNING} 2023-04-12T09:41:59.324Z [INFO] (Copier) DatabaseManager: stdout. com.amazonaws.SdkClientException: Failed to connect to service endpoint:. {scriptName=services.DatabaseManager.lifecycle.Run, serviceName=DatabaseManager, currentState=RUNNING} 2023-04-12T09:41:59.324Z [INFO] (Copier) DatabaseManager: stdout. at com.amazonaws.internal.EC2ResourceFetcher.doReadResource(EC2ResourceFetcher.java:112) ~[aws-java-sdk-core-1.12.445.jar!/:na]. {scriptName=services.DatabaseManager.lifecycle.Run, serviceName=DatabaseManager, currentState=RUNNING}

  • MichaelDombrowski-AWS 專家
    1 年前

    Review the greengrass log for errors at the same time /greengrass/v2/logs/greengrass.log.

  • rePost-User-7846458
    1 年前

    Hey Michael,

    on same event greengrass.log prints following.

    2023-04-13T04:44:00.775Z [INFO] (pool-2-thread-1229) com.aws.greengrass.tes.CredentialRequestHandler: Received IAM credentials that will be cached until 2023-04-13T05:39:00Z. {iotCredentialsPath=/role-aliases/GreengrassCoreTokenExchangeRoleAlias/credentials}

  • rePost-User-7846458
    1 年前

    Hey Michael,

    It seems that in second attempt application able to make a call to lambda. First time only its giving mentioned error. Is there retry logic required to be implement ??

    Regards, Nalay

  • MichaelDombrowski-AWS 專家
    1 年前

    Yes you should certainly implement retries. Please also ensure you are using the latest version of Greengrass Nucleus 2.9.5

主題
物聯網 (IoT)無伺服器運算
標籤
AWS IoT GreengrassAWS Lambda
語言
English
rePost-User-7846458
已提問 1 年前檢視次數 55 次
沒有答案

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南

相關內容