Troubleshooting Automations

I set up my GitHub/GitLab/AWS/G Suite integration in Comply but the Issues page tells me an automation didn't run. Why?

When you set up an integration in Comply, we will automatically enable all automations available for that integration. For example, we will enable the Code Repo Pull Request Approval and Code Repo Pull Request CI automations when you enable GitHub or GitLab. Comply will create an issue if it detects a merged pull request that hasn’t been approved. If you haven’t merged any pull requests, Comply won’t run any GitHub/GitLab automations and you won’t see Comply generate any evidence, create any issues, or show that the automation ran.

Why an automation may not run

  1. Your account does not contain those assets or the integration does not have adequate permissions to those assets.

    • Comply's Amazon RDS automations will not run if you don’t have any Amazon RDS instances in your AWS account or the Comply integration does not have permission to access the information for those assets.
    • Comply's AWS IAM automations will not run if you don’t have any AWS IAM users in your AWS account or the Comply integration does not have permission to access the information for those assets.
    • Comply's Amazon EC2 automations will not run if you don’t have any Amazon EC2 instances in your AWS account or the Comply integration does not have permission to access the information for those assets.
    • Comply's Amazon S3 automations will not run if you don’t have any Amazon S3 buckets in your AWS account or the Comply integration does not have permission to access the information for those assets.
    • Comply's G Suite automation will not run if you don’t have any users in your G Suite account.
  2. Your asset configuration doesn’t apply to an automation’s criteria.

    • If your storage assets (Amazon RDS and Amazon S3) are not encrypted, Comply cannot run the key status, key rotation, and key age automations because an encryption key does not exist.
    • If your AWS IAM user only has programmatic access, Comply does not run the MFA policy automation because we only check MFA status for console (human) users.

How to tell if automations are creating issues

On the Issues page the left side of each issues section has a color which designates whether automations are running correctly.
Yellow: Automations are running and issues were created that are currently unresolved.
Green: Automations are running and issues were created and have all been resolved.
* Gray: The automation is enabled but hasn't run.
Issue sections with a gray bar are likely candidates to explore the reasons above.

788788