Troubleshooting

This section provides guidance for resolving common issues that may occur during the deployment of App & API Protector Hybrid in AWS.

If you need additional insight into the status of your Protector instances, you can use the Activity Log available in your Connection Configuration dashboard. For more information see Monitor Protector instances.

Below are some of the most common issues you may encounter when deploying App & API Protector Hybrid in AWS:

• A Protector instance does not appear in the Instances list in Akamai Control Center.
  • Confirm that the deployment token stored in the AWS Secrets Manager matches the token generated in the Connection Configurations page.
  • Make sure that the secret names are correctly referenced in the User data section.
  • Verify that the EC2 instance was launched with the required IAM role attached. The IAM role grants permissions to access the AWS Secrets Manager so that Protector can retrieve the required credentials during startup. If the instance was launched without the role, stop the instance, attach the correct IAM role and restart the instance.
• User data execution fails.
  • Check that the region value in the user data script is correct and formatted properly.
  • Ensure that the script references correct secret names in the AWS Secrets Manager. See deployment instructions
  • Review the EC2 instance system logs to confirm if the user data script was applied.
• Network Load Balancer does not route traffic to Protector EC2 instances.
  • Confirm that the listeners are configured correctly.
  • Ensure that the target group health checks pass. Unhealthy instances will not receive traffic.
• AMI deployment fails in AWS.
  • Verify that your IAM role includes sufficient permissions to deploy EC2 instances from Marketplace.
  • Check if you are deploying the App & API Protector Hybrid AMI in a region where it is supported.
• Security Configuration is not applied.
  • Check if you've associated your Connection Configuration with an active Security Configuration. Learn how to activate your Security Configuration
• Security Configuration cannot be modified.
  • You cannot modify a Security Configuration that is active. Create a new version of your Security Configuration, apply changes, and activate it.

See also Troubleshoot issues with Amazon EC2 instances for additional context.

If you need further guidance, contact the Akamai Global Services team.