Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

(aws-iot): CfnProvisioningTemplate Template with name already exists

See original GitHub issue

What is the problem?

npm package version : 1.132.0 & 1.135.0 (tried with these two)

when creating a iot Provisioning Template using cdk, the following error is thrown:

Template with name provisioningtemplate_JAoF84L77Jaf already exists (Service: Iot, Status Code: 409, Request ID: 60a18fc4-8778-4f73-b5d2-9589e37f3d43, Extended Request ID: null)`

N.B. it does not matter if we provide a template name or let cdk choose a name as seen above N.B. the stack is being newly created and so there is NO provisioning template existing whatsoever

Reproduction Steps

use similar code as:

import * as iam from '@aws-cdk/aws-iam';
import * as iot from '@aws-cdk/aws-iot';

    const provisioningRole = new iam.Role(this, 'provisioning-role-arn', {
      assumedBy       : new iam.ServicePrincipal('iot.amazonaws.com'),
      description     : 'Role assumed by provisioning template to bulk provision devices by claim',
      roleName        : `ProvisioningByClaimRole`,
      managedPolicies : [iam.ManagedPolicy.fromAwsManagedPolicyName('service-role/AWSIoTThingsRegistration')],
    });

    const provisioningTemplate = new iot.CfnProvisioningTemplate(this, 'provisioning-template', {
      provisioningRoleArn : provisioningRole.roleArn,
      templateBody        : JSON.stringify(provisioningTemplateBody),
      description         : 'provision by claim template for guard devices that use certificates for authentication',
      enabled             : false,
      preProvisioningHook : {
        targetArn      : preProvisioningHookLambda.functionArn,
        payloadVersion : '2020-04-01',
      },
    });

can ignore the preprovisioning hook lambda and template if needed

What did you expect to happen?

since the current stack is the one initiating the creation of the provisioning template, then it should create the template resource without error

What actually happened?

the stack ACTUALLY creates the iot provisioning template resource completely but then throws the name conflict error and fails. Meaning after the stack completes the rollback, there is the new provisioning templete resource in iot.

CDK CLI Version

1.135.0

Framework Version

No response

Node.js Version

14.18.1

OS

macOS Big Sur 11.6.1

Language

Typescript

Language Version

4.3.2

Other information

No response

Issue Analytics

State:
Created 2 years ago
Comments:8 (4 by maintainers)

Top GitHub Comments

1reaction

anjum-alicommented, Dec 16, 2021

@skinny85 Sure. Here is the template body:

    const provisioningTemplateBody = {
      Parameters : {
        SerialNumber : {
          Type : 'String'
        },
        ApplianceId : {
          Type : 'String'
        },
        ThingGroups : {
          Type : 'String'
        },
        ThingName : {
          Type : 'String'
        },
        ThingTypeName : {
          Type : 'String'
        },
        BillingGroup : {
          Type : 'String'
        },
        'AWS::IoT::Certificate::Id' : {
          Type : 'String'
        }
      },
      Resources : {
        certificate : {
          Properties : {
            CertificateId : {
              Ref : 'AWS::IoT::Certificate::Id'
            },
            Status : 'ACTIVE'
          },
          Type : 'AWS::IoT::Certificate'
        },
        policy : {
          Properties : {
            PolicyName : fleetIoTPolicy.policyName
          },
          Type : 'AWS::IoT::Policy'
        },
        thing : {
          OverrideSettings : {
            AttributePayload : 'MERGE',
            ThingGroups      : 'REPLACE',
            ThingName        : 'REPLACE',
            ThingTypeName    : 'REPLACE',
            BillingGroup     : 'REPLACE'
          },
          Properties : {
            AttributePayload : {
              version       : 'v1',
              serial_number : { Ref: 'SerialNumber' }
            },
            ThingGroups   : [{ Ref: 'ThingGroups' }],
            ThingName     : { Ref: 'ApplianceId' },
            ThingTypeName : { Ref: 'ThingTypeName' },
            BillingGroup  : { Ref: 'BillingGroup' }
          },
          Type : 'AWS::IoT::Thing'
        }
      }
    }

The fleetIoTPolicy is an instance of CfnPolicy.

0reactions

github-actions[bot]commented, Dec 17, 2021

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see. If you need more assistance, please either tag a team member or open a new issue that references this one. If you wish to keep having a conversation with other community members under this issue feel free to do so.

Top Results From Across the Web

Resolve the "Custom Named Resource already exists in stack ...

This unique name won't conflict with your existing resources. Resolution. 1. In the CloudFormation template that contains your failing resource, ...

How to add AWS IoT provisioning template in Cloudformation ...

My question is how I can create an IoT provisioning template using Cloudformation template? update It turned out I can add the IoT...

Fleet provisioning - AWS IoT Device Management Workshop

A provisioning template is a JSON document with a parameters and resources section. It defines how your devices are provisioned with AWS IoT....

IoT Device Connectivity on the AWS Cloud

An example IoT device real-time monitoring dashboard using AWS IoT SiteWise ... omitting the QuickSight ADMIN user name on the AWS CloudFormation template....

How can I use Just In Time Provisioning with AWS IoT?

Skip directly to the demo: 0:32For more details see the Knowledge Center article with this video: ...