AWS DynamoDB Connection Troubles

sealamb · 2019-01-31 13:24:49 UTC

Excited to start using the NXP Rapid IoT device I quickly tried to move on from “Getting to Blinky” to accessing AWS databases. I have not yet been able to get AWS DynamoDB integrated with my device. I have tried using both the AtmosphereIOT studio and the white-label version of Studio hosted by NXP. AtmosphereIOT informed me yesterday that there may be a problem with the AWS DynamoDB Element and they were working to resolve the problem. This morning I tried a few other ideas and still no connection that I can see. Here are my questions:

How can I tell if I have successfully connected to AWS DynamoDB? My thought is that I can look at IAM>Roles>Access Advisor to see if AtmoshereIOT has connected. The response I get everytime is “Not accessed in the tracking period”. Is this a valid way to see if I my AtmosphereIOT device has connected to AWS, or is there another way (better way) to check? In other words, can I test the connection creditials faster than the process of compiling, updloading, re-provisioning every time I want to try something new?
Perhaps my AtmosphereIOT IAM credentials are wrong. I created an IAM role and permissions as stated in https://developer.atmosphereiot.com/documents/guides/awsintegrationsetupguide.html
Is there as way to essentially ping the connection to get confirmation that my setup works with the Atmosphere Account ID?
I am trying to interpret the AtmosphereIOT ASWDyanmoDB Element help page. I am not sure what needs to be sent to AWSDynamoDB to PUT a record… Is it the full JSON object or just the KEY:Value or is it a full NoSQL command? Would someone please provide a quick example for the Abilities - Read, Put, Delete, Update? It would be a great help to have these examples linked to the Help page for the AWSDyanmoDB Element.

Thank you,
Chris

ae-atmosphereiot · 2019-01-31 14:30:30 UTC

Hi @sealamb I am looking forward to help troubleshoot your issues connecting to AWS. Would you mind sharing a copy of your .atmo file to see if there’s anything missing?

sealamb · 2019-01-31 15:16:36 UTC

Thank you for your quick response.
I have a couple of problems.

I cannot upload the atmo file as a New User.
The atmo file is too long to place in this note.

Until I have a way to get you the atmo file, here is a snippet of the CLOUD section. I have “####” out AWS my account number. Also, I suspecting the PUT “item” JSON object that you will find may be wrong - I have tried many different approaches. But ultimately, I do not believe I am establishing connection with AWS.

Thank you,
Chris

“item”: {
“code”: “{temperatures2:{temp2: value}}”
}

“Cloud”: {
“type”: “cloud”,
“compilerVersion”: “latest”,
“variants”: [],
“meta”: {},
“elements”: [
{
“name”: “CloudEvent”,
“type”: “CloudEvent”,
“variants”: [
“cloud”
],
“properties”: {
“errorData”: null,
“value”: null
},
“meta”: {
“editorX”: 177,
“editorY”: 192,
“lastTrigger”: “eventReceived”
},
“triggers”: {
“triggered”: [],
“eventReceived”: [
{
“mapping”: {
“value”: {
“code”: “{temp:value}”
}
},
“targetOrder”: [
“value”
],
“targetElement”: “CloudStorage”,
“targetAbility”: “addData”
},
{
“mapping”: {
“item”: {
“code”: “{temperatures2:{temp2: value}}”
}
},
“targetOrder”: [
“item”
],
“targetElement”: “AWSDynamoDB”,
“targetAbility”: “put”
}
]
},
“coupledElementName”: “CloudEvent”,
“coupledElementPlaneName”: “App View”
},
{
“name”: “CloudStorage”,
“type”: “CloudStorage”,
“variants”: [
“cloud”
],
“properties”: {
“errorData”: null,
“value”: null
},
“meta”: {
“editorX”: 482,
“editorY”: 376,
“lastTrigger”: “dataAdded”
},
“triggers”: {
“triggered”: [],
“dataAdded”: [],
“dataUpdated”: [],
“dataRemoved”: [],
“dataQueried”: []
}
},
{
“name”: “AWSDynamoDB”,
“type”: “CloudAWSDynamoDB”,
“variants”: [
“cloud”
],
“properties”: {
“errorData”: null,
“region”: “us-east-2”,
“externalId”: “NXP_Atmosphere_Role”,
“roleArn”: “arn:aws:iam::############:role/NXP_Atmosphere_Role”,
“tableName”: “temperatures2”
},
“meta”: {
“editorX”: 559,
“editorY”: 71,
“lastTrigger”: “placed”
},
“triggers”: {
“triggered”: [],
“gotten”: [],
“placed”: [],
“updated”: [],
“deleted”: []
}
}
],
“layout”: {
“height”: 1000,
“width”: 1000,
“zIndexOrder”: []
}

ae-atmosphereiot · 2019-01-31 15:21:58 UTC

@sealamb

Ok, This should be enough for now… Perhaps you could try private messaging me your ATMO?

ae-atmosphereiot · 2019-02-06 18:31:12 UTC

Dear @sealamb ,

Thank you for your patience. AWS DynamoDB with Phone Test (1).atmo (383.0 KB)

Attached is an example project that will make the Rapid IoT upload temperature readings every second to a table called AtmosphereDevice. This device has a primary partition key of temperature and datatype Number. The app parses the readings from the Rapid IoT as a float that can then be accepted by DynamoDB.

For debugging purposes, I have also added a button that will allow you to send fake data from the app in order to demonstrate how you can also implement something like this while diagnosing your project.

Here is the configuration on AWS for the table. Make sure your IAM Role configuration is set correctly as well:

Kind regards

sealamb · 2019-02-08 12:22:43 UTC

Thank you very much for all your support in helping me through this problem.
Here is the the outcome:
Your demo did not work for me. I was confident that your demo would work so I suspected the problem to be with AWS IAM. I discovered there is s tool in AWS IAM to simulate Role Policy permissions. I found that the Role is set up for Atmosphere was not functioning as I had intended. After updating the policy permissions data started flowing into the DynamoDB table perfectly.
Thank you again for all your help

ae-atmosphereiot · 2019-02-08 14:15:39 UTC

@sealamb I am glad I was able to get you moving in the right direction. Should I provide an example of an IAM policy that targets a specific table?

cybermah · 2019-02-22 16:18:05 UTC

What did you have to change to get it working? I’m having a similar problem now. My data doesn’t seem to get to my table.

sealamb · 2019-02-22 16:27:52 UTC

This was quite complicated for me, as it was my first time using AWS. My problem was all related to the AWS role permissioners I set up for AtmosphereIOT.
You probably already know this, but just in case… Follow these instructions from Atmosphere to get started:
https://developer.atmosphereiot.com/documents/guides/awsintegrationsetupguide.html
Then set up the proper permissions in the IAM roles for Atmoshere. You can simulate your roles in AWS IAM to ensure they work - that was a huge help for me.
Here is the permission script that worked:
{
“Version”: “2012-10-17”,
“Statement”: [
{
“Sid”: “VisualEditor0”,
“Effect”: “Allow”,
“Action”: [
“dynamodb:ListGlobalTables”,
“dynamodb:PutItem”,
“dynamodb:ListTables”,
“dynamodb:ListBackups”,
“dynamodb:GetItem”,
“dynamodb:Scan”,
“dynamodb:Query”
],
“Resource”: “*”
}
]
}