Hey!
We are currently running into some issues with our autotasks, we have a lot of pending transactions that are not going through for our autotasks, each autotask also do not show any logs, which makes it very hard to understand why there is an error.
The errors did not appear yesterday and seemed to work correctly, and we have not done any changes which should affect this, which is why we are curious if its related to Defender backend.
We are trying to call an AutoTask, from another AutoTask, using AutotaskClient
Our error:
ERROR Invoke Error {
"errorType": "DefenderApiResponseError",
"errorMessage": "Request failed with status code 500",
"name": "DefenderApiResponseError",
"request": {
"path": "/autotask/autotasks/XXXXXX-XXXXX-XXXXXXX-XXf387/runs/manual",
"method": "POST"
},
"response": {
"status": 500,
"statusText": "Internal Server Error",
"data": {
"message": "User: arn:aws:sts::XXXX:assumed-role/defender-api-external-api-sts-lambda-assume-role/XXXXXXXXoXXXx is not authorized to perform: dynamodb:Query on resource: arn:aws:dynamodb:us-west-2:XXXXXX:table/defender-DatabaseStack-XXXXXXX-prod-tenant-notifications because no session policy allows the dynamodb:Query action"
}
},
"stack": [
"DefenderApiResponseError: Request failed with status code 500",
" at rejectWithDefenderApiError (/opt/nodejs/node_modules/defender-base-client/lib/api/api.js:11:27)",
" at processTicksAndRejections (node:internal/process/task_queues:96:5)",
" at async /opt/nodejs/node_modules/defender-autotask-client/lib/api.js:75:20",
" at async AutotaskClient.apiCall (/opt/nodejs/node_modules/defender-base-client/lib/api/client.js:25:20)",
" at async reforge (/var/task/index.js:123:15)",
" at async exports.handler (/var/task/index.js:94:11)",
" at async Runtime.handler (/opt/nodejs/autotask-wrapper.js:83:20)"
]
}
I have removed sensitive IDs as it's in prod, and prefer to share them in DM´s rather than publicly.
Environment
Autotask, Relays, Sentinels