Aws-iot-device-sdk-python-v2: MQTT over Websocket can't connect

Created on 28 Apr 2020  ·  3Comments  ·  Source: aws/aws-iot-device-sdk-python-v2

Confirm by changing [ ] to [x] below to ensure that it's a bug:

Describe the bug
MQTT over Websocket connection can't connect, even though a normal MQTT is working fine.

SDK version number
awscrt==0.5.13
awsiotsdk==1.0.6

Platform/OS/Device
MAC

To Reproduce (observed behavior)

  1. Create a new Thing with a Policy iot:* and * for the ARN.
    2.- Execute the pubsub example with the websocket option, it won't work.

Expected behavior
To work as smooth as possible

Logs/output

Full logs can be found here

python pubsub.py --endpoint xxxxxxxx-ats.iot.us-east-2.amazonaws.com --root-ca AmazonRootCA1.pem   --cert Certificate.crt  --key PrivateKey.pem.key  --use-websocket --signing-region us-east-2 --verbosity Debug

Additional context
When connecting without websocket it works as expected.

bug needs-triage
Source
picture victorct-pronto

All 3 comments

You can close this, it was a problem with the permissions related to the permissions of the IAM user, so some feedback:

  1. It would be awesome if the error shows something related to this and not:
    awscrt.exceptions.AwsCrtError: AwsCrtError(name='AWS_ERROR_MQTT_UNEXPECTED_HANGUP', message='The connection was closed unexpectedly.', code=5134)
    2.- It would be awesome if you can point people to the documentation where says which permissions are needed, I gave AWSIOTFullAccess, and it worked, but I don't know exactly which ones are needed.
victorct-pronto picture victorct-pronto on 28 Apr 2020
👀1 👍1

Hi, sorry II didn't get how you solved the problem. Can you explain more? I have the same problem when using the sample shadow.py and I am a beginner

asmaa-niati picture asmaa-niati on 24 Jan 2021

There can be many causes for an unexpected hangup, but victorct-pronto fixed his problem by using a super permissive IAM policy called AWSIOTFullAccess. It looks like this:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "iot:*"
            ],
            "Resource": "*"
        }
    ]
}

After you get your code working make sure to reduce the policy permissions to only what is required. Also if you are still having trouble getting it working I recommend opening a new issue describing what you have tried and where you are stuck.

jmklix picture jmklix on 25 Jan 2021
Was this page helpful?
0 / 5 - 0 ratings

Related issues

GauravPatni picture GauravPatni  ·  4Comments
qcabrol picture qcabrol  ·  8Comments
shravan097 picture shravan097  ·  6Comments
banuprathap picture banuprathap  ·  10Comments
satay99 picture satay99  ·  6Comments