How can I use a Lambda function on Node.js 16.x to publish to an AWS IoT MQTT topic?
I developed a Lambda function that broadcasts MQTT messages when an AWS CloudWatch event occurs. I attached the AWSIoTDataAccess policy, which provides full access to the AWS IoT messaging operations, to grant the Lambda function permission to publish MQTT messages.
import AWS from "aws-sdk";
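// Shared AWS IoT data-plane client, created once at module load and reused by
// every publish call in this file. Declared with `const` so the binding cannot
// be reassigned by later code.
//
// No credentials are passed here, so the SDK resolves them from its default
// provider chain; inside Lambda that is the function's execution role, which
// is therefore the identity that must be allowed to publish.
//
// NOTE(review): the endpoint is the redacted value from the post. As shown it
// has no region segment, while `region` is "ca-central-1". Confirm it is the
// account-specific data endpoint for that same region (for example the value
// returned by `aws iot describe-endpoint --endpoint-type iot:Data-ATS`); an
// endpoint that does not belong to this account and region is worth ruling
// out when a publish is rejected with 403 although a policy is attached.
const iotdata = new AWS.IotData({
  endpoint: "xxxxxxxxxxxxxxxx.iot.amazonaws.com",
  region: "ca-central-1",
});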
/**
 * Lambda entry point: runs the elided preparation step and then asks every
 * inactive device for a heartbeat.
 *
 * @param {object} event - Invocation event; not read by the code shown.
 * @param {object} context - Lambda context; not read by the code shown.
 * @returns {Promise<void>} Settles once requestHB has settled.
 */
export const handler = async (event, context) => {
  /* do something */
  // NOTE(review): `inactiveDevices` is not declared anywhere in the code shown;
  // presumably the elided step above produces it - confirm.
  await requestHB(inactiveDevices);
};
/**
 * Publishes one heartbeat request per inactive device to the shared
 * "device/inactive" topic and waits for all publishes to settle.
 *
 * The identity behind `iotdata` needs `iot:Publish` on this topic. A policy
 * scoped to that single action and topic ARN (for example
 * `arn:aws:iot:ca-central-1:<ACCOUNT_ID>:topic/device/inactive`, account id
 * being a placeholder) is sufficient for this function; a full-access IoT data
 * policy grants more than the code uses.
 *
 * @param {Array<{imei: (string|number)}>|null|undefined} inactiveDevices -
 *   Devices to notify; null or undefined makes the call a no-op.
 * @returns {Promise<void>} Resolves when every publish attempt has finished.
 */
async function requestHB(inactiveDevices) {
  if (inactiveDevices === null || inactiveDevices === undefined) {
    return;
  }

  // Sends a single request. A failed publish is logged and swallowed, so one
  // rejected device does not abort the others; as a consequence the
  // invocation still reports success, and failures such as a 403 are only
  // visible in the logs.
  const publishHeartbeatRequest = async (device) => {
    // The IMEI travels in the payload of a topic shared by all devices.
    // NOTE(review): confirm that subscribing to "device/inactive" is limited
    // to clients that are meant to see other devices' identifiers.
    const message = {
      topic: "device/inactive",
      payload: JSON.stringify({ type: 0, imei: String(device.imei) }),
      qos: 0, // at-most-once delivery
    };

    try {
      await iotdata.publish(message).promise();
      console.log("Message published successfully");
    } catch (error) {
      console.error("Error publishing message:", error);
    }
  };

  // Start every publish first, then wait for the whole batch.
  const pending = inactiveDevices.map((device) => publishHeartbeatRequest(device));
  await Promise.all(pending);
}
I get the following error notice when using the code above.
2023-05-29T17:49:01.024Z 5208a53c-f0f8-409f-a64b-9e901be9aa80 ERROR Error publishing message: ForbiddenException: null
at Object.extractError (/var/task/node_modules/aws-sdk/lib/protocol/json.js:61:27)
at Request.extractError (/var/task/node_modules/aws-sdk/lib/protocol/rest_json.js:61:8)
at Request.callListeners (/var/task/node_modules/aws-sdk/lib/sequential_executor.js:106:20)
at Request.emit (/var/task/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
at Request.emit (/var/task/node_modules/aws-sdk/lib/request.js:686:14)
at Request.transition (/var/task/node_modules/aws-sdk/lib/request.js:22:10)
at AcceptorStateMachine.runTo (/var/task/node_modules/aws-sdk/lib/state_machine.js:14:12)
at /var/task/node_modules/aws-sdk/lib/state_machine.js:26:10
at Request.<anonymous> (/var/task/node_modules/aws-sdk/lib/request.js:38:9)
at Request.<anonymous> (/var/task/node_modules/aws-sdk/lib/request.js:688:12) {
code: 'ForbiddenException',
time: 2023-05-29T17:49:01.023Z,
requestId: '0779829a-7f5d-d298-f9da-08f1b6d83753',
statusCode: 403,
retryable: false,
retryDelay: 24.36546771452397
}
According to status code 403, the client making the request does not have the permissions required to carry out the action. What am I missing, given that I have already attached a full-access policy?