Access Denied: Incorrect GitHub account type selected or incorrect organization name specified Access Denied: Insufficient permissions to install GitHub App into organization Agent cannot connect to endpoint during a penetration test Getting additional help

Troubleshooting

Find solutions to commonly seen errors when using AWS Security Agent.

Access Denied: Incorrect GitHub account type selected or incorrect organization name specified

You installed the AWS Security Agent application into your desired GitHub organization but incorrectly set the GitHub Account Type to User instead of Organization
You installed the AWS Security Agent application into your desired GitHub organization and correctly set the GitHub Account Type to Organization but left the Organization Name field blank or entered an incorrect organization name that does not match the organization you installed the application into

Solution:

Go to GitHub and uninstall the app from the organization. For more information, see Step 1: Uninstall the AWS Security Agent GitHub App from GitHub.
Go back to the integrations page and restart the integration process by clicking on Add Integrations, install and authorize the app into your desired GitHub organization once again.
Select Organization from the dropdown of GitHub account type
Make sure the Organization Name you input is the EXACT same as the one you installed the application into.
Click the Connect button to create your GitHub organization integration.

Access Denied: Insufficient permissions to install GitHub App into organization

When you attempt to install the AWS Security Agent application into your desired GitHub organization, you will see two different messages on the button in the installation page.

An organization Member will see Authorize & Request
An organization Owner will see Install & Authorize

You can verify whether you are a Member or an Owner of the GitHub organization by following the below steps.

Go to github.com
Click on your profile in the top right of the website
Navigate to Organizations on the dropdown menu and click it
Find the organization you wish to install AWS Security Agent into from the list of organizations, it will specify whether you are a Member or an Owner next to the organization name.

Possible solutions:

Have an owner approve your installation request BEFORE you try to create the integration
Have an owner update your role in the GitHub organization from a Member to an Owner and restart the integration process again

Agent cannot connect to endpoint during a penetration test

If the penetration test agent is unable to make calls to the configured target URL or fails to successfully navigate the target endpoint:

If your endpoint makes calls to domains outside the configured target URL, verify the additional domains are added as Accessible URLs in your pentest configuration
Penetration testing is currently only available for HTTP/HTTPS endpoints serving traffic on ports 80 or 443

Getting additional help

If you continue to experience issues after trying these troubleshooting steps:

Check the AWS Security Agent service status page
Contact AWS Support for assistance with complex configuration issues

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Grant users access to the AWS Security Agent web app