Search in sources :

Example 1 with ResourceNotFoundException

use of software.amazon.awssdk.services.iot.model.ResourceNotFoundException in project aws-greengrass-nucleus by aws-greengrass.

the class IotJobsUtils method cleanUpIotRoleForTest.

/**
 * Clean Up IoT/IAM roles for using TES.
 *
 * @param roleName      IAM role Name
 * @param roleAliasName IOT roleAlias name
 * @param certArn       IOT certificate Arn
 */
public static void cleanUpIotRoleForTest(IotClient iotClient, IamClient iamClient, String roleName, String roleAliasName, String certArn) {
    try {
        DeleteRoleAliasRequest deleteRoleAliasRequest = DeleteRoleAliasRequest.builder().roleAlias(roleAliasName).build();
        iotClient.deleteRoleAlias(deleteRoleAliasRequest);
    } catch (ResourceNotFoundException | NoSuchEntityException e) {
    // Ignore as role alias does not exist
    }
    try {
        DeleteRoleRequest deleteRoleRequest = DeleteRoleRequest.builder().roleName(roleName).build();
        iamClient.deleteRole(deleteRoleRequest);
    } catch (ResourceNotFoundException | NoSuchEntityException e) {
    // Ignore as role alias does not exist
    }
}
Also used : DeleteRoleRequest(software.amazon.awssdk.services.iam.model.DeleteRoleRequest) ResourceNotFoundException(software.amazon.awssdk.services.iot.model.ResourceNotFoundException) DeleteRoleAliasRequest(software.amazon.awssdk.services.iot.model.DeleteRoleAliasRequest) NoSuchEntityException(software.amazon.awssdk.services.iam.model.NoSuchEntityException)

Example 2 with ResourceNotFoundException

use of software.amazon.awssdk.services.iot.model.ResourceNotFoundException in project aws-greengrass-nucleus by aws-greengrass.

the class DeviceProvisioningHelper method createThing.

/**
 * Create a thing with provided configuration.
 *
 * @param client     iotClient to use
 * @param policyName policyName
 * @param thingName  thingName
 * @return created thing info
 */
public ThingInfo createThing(IotClient client, String policyName, String thingName) {
    // Find or create IoT policy
    try {
        client.getPolicy(GetPolicyRequest.builder().policyName(policyName).build());
        outStream.printf("Found IoT policy \"%s\", reusing it%n", policyName);
    } catch (ResourceNotFoundException e) {
        outStream.printf("Creating new IoT policy \"%s\"%n", policyName);
        client.createPolicy(CreatePolicyRequest.builder().policyName(policyName).policyDocument("{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n" + "      \"Effect\": \"Allow\",\n      \"Action\": [\n" + "                \"iot:Connect\",\n                \"iot:Publish\",\n" + "                \"iot:Subscribe\",\n                \"iot:Receive\",\n" + "                \"greengrass:*\"\n],\n" + "      \"Resource\": \"*\"\n    }\n  ]\n}").build());
    }
    // Create cert
    outStream.println("Creating keys and certificate...");
    CreateKeysAndCertificateResponse keyResponse = client.createKeysAndCertificate(CreateKeysAndCertificateRequest.builder().setAsActive(true).build());
    // Attach policy to cert
    outStream.println("Attaching policy to certificate...");
    client.attachPolicy(AttachPolicyRequest.builder().policyName(policyName).target(keyResponse.certificateArn()).build());
    // Create the thing and attach the cert to it
    outStream.printf("Creating IoT Thing \"%s\"...%n", thingName);
    String thingArn = client.createThing(CreateThingRequest.builder().thingName(thingName).build()).thingArn();
    outStream.println("Attaching certificate to IoT thing...");
    client.attachThingPrincipal(AttachThingPrincipalRequest.builder().thingName(thingName).principal(keyResponse.certificateArn()).build());
    return new ThingInfo(thingArn, thingName, keyResponse.certificateArn(), keyResponse.certificateId(), keyResponse.certificatePem(), keyResponse.keyPair(), client.describeEndpoint(DescribeEndpointRequest.builder().endpointType("iot:Data-ATS").build()).endpointAddress(), client.describeEndpoint(DescribeEndpointRequest.builder().endpointType("iot:CredentialProvider").build()).endpointAddress());
}
Also used : CreateKeysAndCertificateResponse(software.amazon.awssdk.services.iot.model.CreateKeysAndCertificateResponse) ResourceNotFoundException(software.amazon.awssdk.services.iot.model.ResourceNotFoundException)

Example 3 with ResourceNotFoundException

use of software.amazon.awssdk.services.iot.model.ResourceNotFoundException in project aws-greengrass-nucleus by aws-greengrass.

the class IotJobsUtils method waitForJobExecutionStatusToSatisfy.

public static void waitForJobExecutionStatusToSatisfy(IotClient client, String jobId, String thingName, Duration timeout, Predicate<JobExecutionStatus> condition) throws TimeoutException {
    Instant deadline = Instant.now().plusMillis(timeout.toMillis());
    JobExecutionStatus status = null;
    ResourceNotFoundException lastException = null;
    while (deadline.isAfter(Instant.now())) {
        try {
            status = client.describeJobExecution(DescribeJobExecutionRequest.builder().jobId(jobId).thingName(thingName).build()).execution().status();
            // which means we can stop querying
            if (JobExecutionStatus.SUCCEEDED.ordinal() <= status.ordinal() || condition.test(status)) {
                if (condition.test(status)) {
                    return;
                }
            } else if (JobExecutionStatus.SUCCEEDED.ordinal() <= status.ordinal()) {
                throw new AssertionError("Job ended in state: " + status);
            }
        } catch (ResourceNotFoundException e) {
            lastException = e;
        }
        // Wait a little bit before checking again
        try {
            Thread.sleep(1000);
        } catch (InterruptedException ignored) {
        }
    }
    throw new TimeoutException(status == null && lastException != null ? lastException.getMessage() : "Job execution status is " + status);
}
Also used : JobExecutionStatus(software.amazon.awssdk.services.iot.model.JobExecutionStatus) Instant(java.time.Instant) ResourceNotFoundException(software.amazon.awssdk.services.iot.model.ResourceNotFoundException) TimeoutException(java.util.concurrent.TimeoutException)

Example 4 with ResourceNotFoundException

use of software.amazon.awssdk.services.iot.model.ResourceNotFoundException in project aws-greengrass-nucleus by aws-greengrass.

the class DeviceProvisioningHelper method setupIoTRoleForTes.

/**
 * Create IoT role for using TES.
 *
 * @param roleName       rolaName
 * @param roleAliasName  roleAlias name
 * @param certificateArn certificate arn for the IoT thing
 */
public void setupIoTRoleForTes(String roleName, String roleAliasName, String certificateArn) {
    String roleAliasArn;
    try {
        // Get Role Alias arn
        DescribeRoleAliasRequest describeRoleAliasRequest = DescribeRoleAliasRequest.builder().roleAlias(roleAliasName).build();
        roleAliasArn = iotClient.describeRoleAlias(describeRoleAliasRequest).roleAliasDescription().roleAliasArn();
    } catch (ResourceNotFoundException ranfe) {
        outStream.printf("TES role alias \"%s\" does not exist, creating new alias...%n", roleAliasName);
        // Get IAM role arn in order to attach an alias to it
        String roleArn;
        try {
            GetRoleRequest getRoleRequest = GetRoleRequest.builder().roleName(roleName).build();
            roleArn = iamClient.getRole(getRoleRequest).role().arn();
        } catch (NoSuchEntityException | ResourceNotFoundException rnfe) {
            outStream.printf("TES role \"%s\" does not exist, creating role...%n", roleName);
            CreateRoleRequest createRoleRequest = CreateRoleRequest.builder().roleName(roleName).description("Role for Greengrass IoT things to interact with AWS services using token exchange service").assumeRolePolicyDocument("{\n  \"Version\": \"2012-10-17\",\n" + "  \"Statement\": [\n    {\n      \"Effect\": \"Allow\",\n" + "      \"Principal\": {\n       \"Service\": \"" + tesServiceEndpoints.get(envStage) + "\"\n      },\n      \"Action\": \"sts:AssumeRole\"\n    }\n  ]\n}").build();
            roleArn = iamClient.createRole(createRoleRequest).role().arn();
        }
        CreateRoleAliasRequest createRoleAliasRequest = CreateRoleAliasRequest.builder().roleArn(roleArn).roleAlias(roleAliasName).build();
        roleAliasArn = iotClient.createRoleAlias(createRoleAliasRequest).roleAliasArn();
    }
    // Attach policy role alias to cert
    String iotRolePolicyName = IOT_ROLE_POLICY_NAME_PREFIX + roleAliasName;
    try {
        iotClient.getPolicy(GetPolicyRequest.builder().policyName(iotRolePolicyName).build());
    } catch (ResourceNotFoundException e) {
        outStream.printf("IoT role policy \"%s\" for TES Role alias not exist, creating policy...%n", iotRolePolicyName);
        CreatePolicyRequest createPolicyRequest = CreatePolicyRequest.builder().policyName(iotRolePolicyName).policyDocument("{\n\t\"Version\": \"2012-10-17\",\n\t\"Statement\": {\n" + "\t\t\"Effect\": \"Allow\",\n\t\t\"Action\": \"iot:AssumeRoleWithCertificate\",\n" + "\t\t\"Resource\": \"" + roleAliasArn + "\"\n\t}\n}").build();
        iotClient.createPolicy(createPolicyRequest);
    }
    outStream.println("Attaching TES role policy to IoT thing...");
    AttachPolicyRequest attachPolicyRequest = AttachPolicyRequest.builder().policyName(iotRolePolicyName).target(certificateArn).build();
    iotClient.attachPolicy(attachPolicyRequest);
}
Also used : CreateRoleRequest(software.amazon.awssdk.services.iam.model.CreateRoleRequest) CreatePolicyRequest(software.amazon.awssdk.services.iot.model.CreatePolicyRequest) DescribeRoleAliasRequest(software.amazon.awssdk.services.iot.model.DescribeRoleAliasRequest) CreateRoleAliasRequest(software.amazon.awssdk.services.iot.model.CreateRoleAliasRequest) AttachPolicyRequest(software.amazon.awssdk.services.iot.model.AttachPolicyRequest) GetRoleRequest(software.amazon.awssdk.services.iam.model.GetRoleRequest) ResourceNotFoundException(software.amazon.awssdk.services.iot.model.ResourceNotFoundException)

Aggregations

ResourceNotFoundException (software.amazon.awssdk.services.iot.model.ResourceNotFoundException)4 Instant (java.time.Instant)1 TimeoutException (java.util.concurrent.TimeoutException)1 CreateRoleRequest (software.amazon.awssdk.services.iam.model.CreateRoleRequest)1 DeleteRoleRequest (software.amazon.awssdk.services.iam.model.DeleteRoleRequest)1 GetRoleRequest (software.amazon.awssdk.services.iam.model.GetRoleRequest)1 NoSuchEntityException (software.amazon.awssdk.services.iam.model.NoSuchEntityException)1 AttachPolicyRequest (software.amazon.awssdk.services.iot.model.AttachPolicyRequest)1 CreateKeysAndCertificateResponse (software.amazon.awssdk.services.iot.model.CreateKeysAndCertificateResponse)1 CreatePolicyRequest (software.amazon.awssdk.services.iot.model.CreatePolicyRequest)1 CreateRoleAliasRequest (software.amazon.awssdk.services.iot.model.CreateRoleAliasRequest)1 DeleteRoleAliasRequest (software.amazon.awssdk.services.iot.model.DeleteRoleAliasRequest)1 DescribeRoleAliasRequest (software.amazon.awssdk.services.iot.model.DescribeRoleAliasRequest)1 JobExecutionStatus (software.amazon.awssdk.services.iot.model.JobExecutionStatus)1