CDK Codepipeline with github : insufficient permissions


I've been using aws cdk with github to set up my cicd pipeline for a while. This is the main tutorial I followed Along with this video which shows how to set up a github personal access token and save it to secrets manager.

Whenever the github personal access token would expire, I would just create a new one and update the secret in aws secrets manager.

However today. Even after reseting the access token the codepipeline does not work. It fails at soucing the github repo and give the following error and explanation.

Insufficient permissions

Could not access the GitHub repository: "REDACTED". The access token might be invalid or has been revoked. Edit the pipeline to reconnect with GitHub.
asked a year ago172 views
1 Answer

I have experienced this issue in a similar manner when using GitHub V1 source action, which AWS does not recommend. When I would manually expire a GitHub oauth token and update the token in AWS Secrets Manager, it would continue to use the original token. AWS secrets are often cached client side to reduce the number of hits to AWS Secrets Manager. This is done to optimize performance. However, in this case, there is a need to expire the client side cache. The workaround that I used was to establish a new secret name and switch AWS CodePipeline to use this new secret.

The preferred solution is to switch to GitHub version 2 source action. AWS has provided instructions to Update a GitHub version 1 source action to a GitHub version 2 source action

profile picture
answered 5 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions