Sentinel Autotask condition running problem

Sentinel Autotask condition running problem

:computer: Environment

I'm trying to make one sentinel task on the defender web UI.


When I try to test the sentinel task with autotask condition.
I'm getting the following error.

Error: HTTP post /subscriber-test failed: User: arn:aws:sts::665768922667:assumed-role/defender-SubscriberTestApiRole-1DNMU69CLWBLC/defender-prod-api-subscriber-test is not authorized to perform: dynamodb:GetItem on resource: arn:aws:dynamodb:us-west-2:665768922667:table/defender-DatabaseStack-1XZBY0IT98A78-prod-tenants

:1234: Code to reproduce

I'm having the same issue. Not sure about you @Jason1 but, in my case, this is happening when I'm assigning an Autotask Condition.

Hi @Jason1 and @Fede,

This issue is usually caused by returning an incorrect response from your autotask condition. The goal of the autotask condition is to apply some custom filtering to the matched transactions, beyond the event, function and transaction conditions we offer.

An autotask condition should return a list of transaction hashes, or at the very minimum an empty array. The matches property is required.

return { matches: [{hash: "0x123..."}] }

You can see an example in the SentinelConditionResponse section in the utils readme

As per the error message, it seems like it's something todo with permissions. However, I tried returning what you've posted and I'm getting the same error:

return { matches: [] }


On a different note, I'm wondering how should I set the autotask up, because it makes me choose webhook or cron but it's actually neither because it's the Sentinel who's gonna be triggering it. Any help on this @dylkil? Thanks!

@Fede @Jason1

I took a closer look and it seems there is an issue with the sentinel condition tester. We should have a fix available for this soon. Note: Your sentinel should work fine with an autotask condition, this bug is just related to the testing tool.


When creating an autotask for a sentinel you should choose webhook trigger

1 Like

Hi, I just wanted to say that:

  • I am hitting the same issue in the sentinel condition tester.
  • like @Fede, I find the mental model of "autotask conditions" a bit strange, I was also expecting to configure my autotask with a Sentinel trigger, not a Webhook trigger