I hope someone could help me with the following problem.
I am using Amazon Managed Blockchain with the framework Hyperledge Fabric v1.4 and I followed this documentation https://docs.aws.amazon.com/managed-blockchain/latest/hyperledger-fabric-dev/get-started-create-channel.html.
This is the error I get when I try to create the channel with that command line:
Command line: docker exec cli peer channel create -c mychannel -f /opt/home/mychannel.pb -o $ORDERER --cafile /opt/home/managedblockchain-tls-chain.pem --tls
Error: 2022-01-17 10:34:47.356 UTC [channelCmd] InitCmdFactory -> INFO 001 Endorser and orderer connections initialized Error: got unexpected status: BAD_REQUEST -- error validating channel creation transaction for new channel 'mychannel', could not succesfully apply update to template configuration: error authorizing update: error validating DeltaSet: policy for [Group] /Channel/Application not satisfied: implicit policy evaluation failed - 0 sub-policies were satisfied, but this policy requires 1 of the 'Admins' sub-policies to be satisfied
The admin certificate is in a folder "admin-msp".
My configxt.yaml (I did not get any error executing a previous step with "docker exec cli configtxgen -outputCreateChannelTx /opt/home/mychannel.pb -profile OneOrgChannel -channelID mychannel --configPath /opt/home/"):
Organizations:
- &Org1
Name: m-Q37N3LRUKNFDXBZ7GARMYFBYIE
ID: m-Q37N3LRUKNFDXBZ7GARMYFBYIE
Policies: &Org1Policies
Readers:
Type: Signature
Rule: "OR('Org1.member')"
# If your MSP is configured with the new NodeOUs, you might
# want to use a more specific rule like the following:
# Rule: "OR('Org1.admin', 'Org1.peer', 'Org1.client')"
Writers:
Type: Signature
Rule: "OR('Org1.member')"
# If your MSP is configured with the new NodeOUs, you might
# want to use a more specific rule like the following:
# Rule: "OR('Org1.admin', 'Org1.client')"
Admins:
Type: Signature
Rule: "OR('Org1.admin')"
# MSPDir is the filesystem path which contains the MSP configuration.
MSPDir: /opt/home/admin-msp
# AnchorPeers defines the location of peers which can be used for
# cross-org gossip communication. Note, this value is only encoded in
# the genesis block in the Application section context.
AnchorPeers:
- Host: 127.0.0.1
Port: 7051
Capabilities:
Channel: &ChannelCapabilities
V1_4_3: true
V1_3: false
V1_1: false
Orderer: &OrdererCapabilities
V1_4_2: true
V1_1: false
Application: &ApplicationCapabilities
V1_4_2: true
V1_3: false
V1_2: false
V1_1: false
Channel: &ChannelDefaults
Policies:
# Who may invoke the 'Deliver' API
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
# Who may invoke the 'Broadcast' API
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
# By default, who may modify elements at this config level
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Capabilities:
<<: *ChannelCapabilities
Application: &ApplicationDefaults
Policies: &ApplicationDefaultPolicies
LifecycleEndorsement:
Type: ImplicitMeta
Rule: "ANY Readers"
Endorsement:
Type: ImplicitMeta
Rule: "ANY Readers"
Readers:
Type: ImplicitMeta
Rule: "ANY Readers"
Writers:
Type: ImplicitMeta
Rule: "ANY Writers"
Admins:
Type: ImplicitMeta
Rule: "MAJORITY Admins"
Capabilities:
<<: *ApplicationCapabilities
Profiles: OneOrgChannel: <<: *ChannelDefaults Consortium: AWSSystemConsortium Application: <<: *ApplicationDefaults Organizations: - <<: *Org1
My docker-compose-cli.yaml file:
version: '2'
services:
cli:
container_name: cli
image: hyperledger/fabric-tools:1.4
tty: true
environment:
- GOPATH=/opt/gopath
- CORE_VM_ENDPOINT=unix:///host/var/run/docker.sock
- FABRIC_LOGGING_SPEC=info # Set logging level to debug for more verbose logging
- CORE_PEER_ID=cli
- CORE_CHAINCODE_KEEPALIVE=10
- CORE_PEER_TLS_ENABLED=true
- CORE_PEER_TLS_ROOTCERT_FILE=/opt/home/managedblockchain-tls-chain.pem
- CORE_PEER_LOCALMSPID=$Member
- CORE_PEER_MSPCONFIGPATH=/opt/home/admin-msp
- CORE_PEER_ADDRESS=$MyPeerNodeEndpoint
working_dir: /opt/gopath/src/github.com/hyperledger/fabric/peer
command: /bin/bash
volumes:
- /var/run/:/host/var/run/
- /home/ec2-user/fabric-samples/chaincode:/opt/gopath/src/github.com/
- /home/ec2-user:/opt/home
Thanks in advance :).