Example 1 with ResourceNotFoundException
use of software.amazon.awssdk.services.iot.model.ResourceNotFoundException in project aws-greengrass-nucleus by aws-greengrass.
the class IotJobsUtils method cleanUpIotRoleForTest.
/**
* Clean Up IoT/IAM roles for using TES.
*
* @param roleName IAM role Name
* @param roleAliasName IOT roleAlias name
* @param certArn IOT certificate Arn
*/
public static void cleanUpIotRoleForTest(IotClient iotClient, IamClient iamClient, String roleName, String roleAliasName, String certArn) {
try {
DeleteRoleAliasRequest deleteRoleAliasRequest = DeleteRoleAliasRequest.builder().roleAlias(roleAliasName).build();
iotClient.deleteRoleAlias(deleteRoleAliasRequest);
} catch (ResourceNotFoundException | NoSuchEntityException e) {
// Ignore as role alias does not exist
}
try {
DeleteRoleRequest deleteRoleRequest = DeleteRoleRequest.builder().roleName(roleName).build();
iamClient.deleteRole(deleteRoleRequest);
} catch (ResourceNotFoundException | NoSuchEntityException e) {
// Ignore as role alias does not exist
}
}
Also used :
DeleteRoleRequest(software.amazon.awssdk.services.iam.model.DeleteRoleRequest)
ResourceNotFoundException(software.amazon.awssdk.services.iot.model.ResourceNotFoundException)
DeleteRoleAliasRequest(software.amazon.awssdk.services.iot.model.DeleteRoleAliasRequest)
NoSuchEntityException(software.amazon.awssdk.services.iam.model.NoSuchEntityException)
Example 2 with ResourceNotFoundException
use of software.amazon.awssdk.services.iot.model.ResourceNotFoundException in project aws-greengrass-nucleus by aws-greengrass.
the class DeviceProvisioningHelper method createThing.
/**
* Create a thing with provided configuration.
*
* @param client iotClient to use
* @param policyName policyName
* @param thingName thingName
* @return created thing info
*/
public ThingInfo createThing(IotClient client, String policyName, String thingName) {
// Find or create IoT policy
try {
client.getPolicy(GetPolicyRequest.builder().policyName(policyName).build());
outStream.printf("Found IoT policy \"%s\", reusing it%n", policyName);
} catch (ResourceNotFoundException e) {
outStream.printf("Creating new IoT policy \"%s\"%n", policyName);
client.createPolicy(CreatePolicyRequest.builder().policyName(policyName).policyDocument("{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n" + " \"Effect\": \"Allow\",\n \"Action\": [\n" + " \"iot:Connect\",\n \"iot:Publish\",\n" + " \"iot:Subscribe\",\n \"iot:Receive\",\n" + " \"greengrass:*\"\n],\n" + " \"Resource\": \"*\"\n }\n ]\n}").build());
}
// Create cert
outStream.println("Creating keys and certificate...");
CreateKeysAndCertificateResponse keyResponse = client.createKeysAndCertificate(CreateKeysAndCertificateRequest.builder().setAsActive(true).build());
// Attach policy to cert
outStream.println("Attaching policy to certificate...");
client.attachPolicy(AttachPolicyRequest.builder().policyName(policyName).target(keyResponse.certificateArn()).build());
// Create the thing and attach the cert to it
outStream.printf("Creating IoT Thing \"%s\"...%n", thingName);
String thingArn = client.createThing(CreateThingRequest.builder().thingName(thingName).build()).thingArn();
outStream.println("Attaching certificate to IoT thing...");
client.attachThingPrincipal(AttachThingPrincipalRequest.builder().thingName(thingName).principal(keyResponse.certificateArn()).build());
return new ThingInfo(thingArn, thingName, keyResponse.certificateArn(), keyResponse.certificateId(), keyResponse.certificatePem(), keyResponse.keyPair(), client.describeEndpoint(DescribeEndpointRequest.builder().endpointType("iot:Data-ATS").build()).endpointAddress(), client.describeEndpoint(DescribeEndpointRequest.builder().endpointType("iot:CredentialProvider").build()).endpointAddress());
}
Also used :
CreateKeysAndCertificateResponse(software.amazon.awssdk.services.iot.model.CreateKeysAndCertificateResponse)
ResourceNotFoundException(software.amazon.awssdk.services.iot.model.ResourceNotFoundException)
Example 3 with ResourceNotFoundException
use of software.amazon.awssdk.services.iot.model.ResourceNotFoundException in project aws-greengrass-nucleus by aws-greengrass.
the class IotJobsUtils method waitForJobExecutionStatusToSatisfy.
public static void waitForJobExecutionStatusToSatisfy(IotClient client, String jobId, String thingName, Duration timeout, Predicate<JobExecutionStatus> condition) throws TimeoutException {
Instant deadline = Instant.now().plusMillis(timeout.toMillis());
JobExecutionStatus status = null;
ResourceNotFoundException lastException = null;
while (deadline.isAfter(Instant.now())) {
try {
status = client.describeJobExecution(DescribeJobExecutionRequest.builder().jobId(jobId).thingName(thingName).build()).execution().status();
// which means we can stop querying
if (JobExecutionStatus.SUCCEEDED.ordinal() <= status.ordinal() || condition.test(status)) {
if (condition.test(status)) {
return;
}
} else if (JobExecutionStatus.SUCCEEDED.ordinal() <= status.ordinal()) {
throw new AssertionError("Job ended in state: " + status);
}
} catch (ResourceNotFoundException e) {
lastException = e;
}
// Wait a little bit before checking again
try {
Thread.sleep(1000);
} catch (InterruptedException ignored) {
}
}
throw new TimeoutException(status == null && lastException != null ? lastException.getMessage() : "Job execution status is " + status);
}
Also used :
JobExecutionStatus(software.amazon.awssdk.services.iot.model.JobExecutionStatus)
Instant(java.time.Instant)
ResourceNotFoundException(software.amazon.awssdk.services.iot.model.ResourceNotFoundException)
TimeoutException(java.util.concurrent.TimeoutException)
Example 4 with ResourceNotFoundException
use of software.amazon.awssdk.services.iot.model.ResourceNotFoundException in project aws-greengrass-nucleus by aws-greengrass.
the class DeviceProvisioningHelper method setupIoTRoleForTes.
/**
* Create IoT role for using TES.
*
* @param roleName rolaName
* @param roleAliasName roleAlias name
* @param certificateArn certificate arn for the IoT thing
*/
public void setupIoTRoleForTes(String roleName, String roleAliasName, String certificateArn) {
String roleAliasArn;
try {
// Get Role Alias arn
DescribeRoleAliasRequest describeRoleAliasRequest = DescribeRoleAliasRequest.builder().roleAlias(roleAliasName).build();
roleAliasArn = iotClient.describeRoleAlias(describeRoleAliasRequest).roleAliasDescription().roleAliasArn();
} catch (ResourceNotFoundException ranfe) {
outStream.printf("TES role alias \"%s\" does not exist, creating new alias...%n", roleAliasName);
// Get IAM role arn in order to attach an alias to it
String roleArn;
try {
GetRoleRequest getRoleRequest = GetRoleRequest.builder().roleName(roleName).build();
roleArn = iamClient.getRole(getRoleRequest).role().arn();
} catch (NoSuchEntityException | ResourceNotFoundException rnfe) {
outStream.printf("TES role \"%s\" does not exist, creating role...%n", roleName);
CreateRoleRequest createRoleRequest = CreateRoleRequest.builder().roleName(roleName).description("Role for Greengrass IoT things to interact with AWS services using token exchange service").assumeRolePolicyDocument("{\n \"Version\": \"2012-10-17\",\n" + " \"Statement\": [\n {\n \"Effect\": \"Allow\",\n" + " \"Principal\": {\n \"Service\": \"" + tesServiceEndpoints.get(envStage) + "\"\n },\n \"Action\": \"sts:AssumeRole\"\n }\n ]\n}").build();
roleArn = iamClient.createRole(createRoleRequest).role().arn();
}
CreateRoleAliasRequest createRoleAliasRequest = CreateRoleAliasRequest.builder().roleArn(roleArn).roleAlias(roleAliasName).build();
roleAliasArn = iotClient.createRoleAlias(createRoleAliasRequest).roleAliasArn();
}
// Attach policy role alias to cert
String iotRolePolicyName = IOT_ROLE_POLICY_NAME_PREFIX + roleAliasName;
try {
iotClient.getPolicy(GetPolicyRequest.builder().policyName(iotRolePolicyName).build());
} catch (ResourceNotFoundException e) {
outStream.printf("IoT role policy \"%s\" for TES Role alias not exist, creating policy...%n", iotRolePolicyName);
CreatePolicyRequest createPolicyRequest = CreatePolicyRequest.builder().policyName(iotRolePolicyName).policyDocument("{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": {\n" + "\t\t\"Effect\": \"Allow\",\n\t\t\"Action\": \"iot:AssumeRoleWithCertificate\",\n" + "\t\t\"Resource\": \"" + roleAliasArn + "\"\n\t}\n}").build();
iotClient.createPolicy(createPolicyRequest);
}
outStream.println("Attaching TES role policy to IoT thing...");
AttachPolicyRequest attachPolicyRequest = AttachPolicyRequest.builder().policyName(iotRolePolicyName).target(certificateArn).build();
iotClient.attachPolicy(attachPolicyRequest);
}
Also used :
CreateRoleRequest(software.amazon.awssdk.services.iam.model.CreateRoleRequest)
CreatePolicyRequest(software.amazon.awssdk.services.iot.model.CreatePolicyRequest)
DescribeRoleAliasRequest(software.amazon.awssdk.services.iot.model.DescribeRoleAliasRequest)
CreateRoleAliasRequest(software.amazon.awssdk.services.iot.model.CreateRoleAliasRequest)
AttachPolicyRequest(software.amazon.awssdk.services.iot.model.AttachPolicyRequest)
GetRoleRequest(software.amazon.awssdk.services.iam.model.GetRoleRequest)
ResourceNotFoundException(software.amazon.awssdk.services.iot.model.ResourceNotFoundException)
Aggregations
ResourceNotFoundException (software.amazon.awssdk.services.iot.model.ResourceNotFoundException)4
Instant (java.time.Instant)1
TimeoutException (java.util.concurrent.TimeoutException)1
CreateRoleRequest (software.amazon.awssdk.services.iam.model.CreateRoleRequest)1
DeleteRoleRequest (software.amazon.awssdk.services.iam.model.DeleteRoleRequest)1
GetRoleRequest (software.amazon.awssdk.services.iam.model.GetRoleRequest)1
NoSuchEntityException (software.amazon.awssdk.services.iam.model.NoSuchEntityException)1
AttachPolicyRequest (software.amazon.awssdk.services.iot.model.AttachPolicyRequest)1
CreateKeysAndCertificateResponse (software.amazon.awssdk.services.iot.model.CreateKeysAndCertificateResponse)1
CreatePolicyRequest (software.amazon.awssdk.services.iot.model.CreatePolicyRequest)1
CreateRoleAliasRequest (software.amazon.awssdk.services.iot.model.CreateRoleAliasRequest)1
DeleteRoleAliasRequest (software.amazon.awssdk.services.iot.model.DeleteRoleAliasRequest)1
DescribeRoleAliasRequest (software.amazon.awssdk.services.iot.model.DescribeRoleAliasRequest)1
JobExecutionStatus (software.amazon.awssdk.services.iot.model.JobExecutionStatus)1
