CDK Codepipeline with github : insufficient permissions

0

I've been using aws cdk with github to set up my cicd pipeline for a while. This is the main tutorial I followed https://docs.aws.amazon.com/cdk/v2/guide/cdk_pipeline.html#cdk_pipeline_define. Along with this video https://www.youtube.com/watch?v=EVDw0sdxaec&t=433s which shows how to set up a github personal access token and save it to secrets manager.

Whenever the github personal access token would expire, I would just create a new one and update the secret in aws secrets manager.

However today. Even after reseting the access token the codepipeline does not work. It fails at soucing the github repo and give the following error and explanation.

Insufficient permissions


Could not access the GitHub repository: "REDACTED". The access token might be invalid or has been revoked. Edit the pipeline to reconnect with GitHub.
demandé il y a 2 ans226 vues
1 réponse
1

I have experienced this issue in a similar manner when using GitHub V1 source action, which AWS does not recommend. When I would manually expire a GitHub oauth token and update the token in AWS Secrets Manager, it would continue to use the original token. AWS secrets are often cached client side to reduce the number of hits to AWS Secrets Manager. This is done to optimize performance. However, in this case, there is a need to expire the client side cache. The workaround that I used was to establish a new secret name and switch AWS CodePipeline to use this new secret.

The preferred solution is to switch to GitHub version 2 source action. AWS has provided instructions to Update a GitHub version 1 source action to a GitHub version 2 source action

profile picture
répondu il y a 9 mois

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions