While running IDT for my custom gateway device, I got the following error for StreamManager component testcase:
com.amazonaws.services.s3.model.AmazonS3Exception: Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID: XXXXXXXXXXXXXXX S3 Extended Request ID: XXXXXXXXXXXXXXX=; Proxy: null). {scriptName=services.aws.greengrass.StreamManager.lifecycle.startup.script, serviceName=aws.greengrass.StreamManager, currentState=RUNNING}
IDT script is creating the roles and s3 buckets on the fly. So its not east to debug via aws console. So I checked cloudtrail. But it seems data events (s3 upload) is not logged in cloudtrail. How can I investigate further without enabling data logging in cloudtrail (I do not have administrator access)?
Even though the user had all the adequate permissions, streammanager test case was failing with "Access Denied" error. I ran IDT again after copying the aws credentials files to the device under test. Then all the test cases passed. I am assuming that the java code in streammanager test case was not able to get the credentials from env variables.