I'm trying to make one sentinel task on the defender web UI.
Details
When I try to test the sentinel task with autotask condition.
I'm getting the following error.
Error: HTTP post /subscriber-test failed: User: arn:aws:sts::665768922667:assumed-role/defender-SubscriberTestApiRole-1DNMU69CLWBLC/defender-prod-api-subscriber-test is not authorized to perform: dynamodb:GetItem on resource: arn:aws:dynamodb:us-west-2:665768922667:table/defender-DatabaseStack-1XZBY0IT98A78-prod-tenants
This issue is usually caused by returning an incorrect response from your autotask condition. The goal of the autotask condition is to apply some custom filtering to the matched transactions, beyond the event, function and transaction conditions we offer.
An autotask condition should return a list of transaction hashes, or at the very minimum an empty array. The matches property is required.
As per the error message, it seems like it's something todo with permissions. However, I tried returning what you've posted and I'm getting the same error:
On a different note, I'm wondering how should I set the autotask up, because it makes me choose webhook or cron but it's actually neither because it's the Sentinel who's gonna be triggering it. Any help on this @dylkil? Thanks!
I took a closer look and it seems there is an issue with the sentinel condition tester. We should have a fix available for this soon. Note: Your sentinel should work fine with an autotask condition, this bug is just related to the testing tool.
I am hitting the same issue in the sentinel condition tester.
like @Fede, I find the mental model of "autotask conditions" a bit strange, I was also expecting to configure my autotask with a Sentinel trigger, not a Webhook trigger