Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

buildcode failure to get JIT token from GitHub

1

As part of my orgensation (TroniusGaming) i have my own repo for one of the app, i set up a code builder project for it, to run workflows. I set it up using new fine grained PAT with proper credentials. connected the builder to my repo using the PAT. I set up the webhooks both on AWS and repo and they seem to work. Set up the runs-on: in the .yml file to the correct format. When i trigger the workflow through GitHub Actions, it is indeed triggered also in the builder

the hook response

{"response":"Webhook received and build started: https://eu-west-1.console.aws.amazon.com/codesuite/codebuild/projects/cms-med-app-builder/build/cms-med-app-builder:45508fb1-6c4e-493c-9151-2d0415149db4?region=eu-west-1","statusCode":200}

[Container] 2025/08/27 14:50:25.134566 Running on CodeBuild On-demand
[Container] 2025/08/27 14:50:25.134581 Waiting for agent ping
[Container] 2025/08/27 14:50:26.238776 Waiting for DOWNLOAD_SOURCE
[Container] 2025/08/27 14:50:26.874137 Phase is DOWNLOAD_SOURCE
[Container] 2025/08/27 14:50:26.875035 CODEBUILD_SRC_DIR=/codebuild/output/src2119849523/src
[Container] 2025/08/27 14:50:26.875128 YAML location is /codebuild/readonly/buildspec.yml
[Container] 2025/08/27 14:50:26.877189 Processing environment variables
[Container] 2025/08/27 14:50:27.014051 No runtime version selected in buildspec.
[Container] 2025/08/27 14:50:33.335879 Error while fetching runner token: error code 400: GitHub runner JIT configuration unavailable: ResourceNotFoundException: Unexpected error from GitHub while creating runner JIT configuration, please try again later
[Container] 2025/08/27 14:50:33.335904 Phase complete: DOWNLOAD_SOURCE State: FAILED
[Container] 2025/08/27 14:50:33.335921 Phase context status code: CLIENT_ERROR Message: Error while fetching runner token: error code 400: GitHub runner JIT configuration unavailable: ResourceNotFoundException: Unexpected error from GitHub while creating runner JIT configuration, please try again later

i have looked far and wide into the what i have configured and yet to find what i have missed. the only place i could not search was the github organization settings.

Topics
Developer Tools
Tags
AWS CodeBuild
Language
English
asked 9 months ago576 views
2 Answers
0

Also experiencing the same issue. This is for private repositories in an organisation. Many other repositories with same config working fine, only a select few this is happening for (~5)

answered 7 months ago
-2

The error you're encountering with AWS CodeBuild failing to get a JIT (Just-In-Time) token from GitHub is related to permissions and configuration issues between your GitHub repository and AWS CodeBuild.

Based on the error message "GitHub runner JIT configuration unavailable: ResourceNotFoundException," there are several potential causes:

  1. Insufficient GitHub PAT permissions: Your fine-grained Personal Access Token may not have all the required permissions. For GitHub Actions workflows, the PAT needs specific permissions including:
  • actions:read and actions:write
  • contents:read
  • workflows:write
  • administration:read (for organization repositories)
  1. Organization-level restrictions: Since you mentioned TroniusGaming organization, there might be organization-level settings restricting the use of self-hosted runners or JIT configuration. Organization admins may need to:
  • Enable GitHub Actions for the organization
  • Allow the repository to create and use self-hosted runners
  • Verify no policies are blocking AWS CodeBuild's access

  1. Repository settings: Check that GitHub Actions is enabled for your specific repository and that the workflow permissions are properly configured.

  2. Connection configuration: The connection between AWS CodeBuild and GitHub might not be properly configured to handle the JIT runner registration process.

To resolve this issue:

  • Review and update your PAT permissions to ensure they include all required scopes
  • Ask your organization administrator to check organization-level GitHub Actions settings
  • Verify repository settings allow the use of self-hosted runners
  • Consider recreating the connection between AWS CodeBuild and GitHub
  • Check that your workflow file correctly specifies the runner configuration

If the issue persists after these steps, you may need to contact AWS Support for more specific guidance on the CodeBuild integration with GitHub Actions.
Sources
Failling to deploy docker image with .Net app to Lightsail | AWS re:Post
AWS VPN Client wont open browser for SSO on MacOS | AWS re:Post

answered 9 months ago
  • Itamar Gerasy
    9 months ago

    all the PAT permission you mentioned are present there are permission to the repo to create and use self hosted runners github actions is enabled for the repo and connection should be fine, since i created this builder project, it is not behind vpn, and we do not have github enterprise so using the PAT is should be accisable from anywhere

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content