Support

Get help with SG Provisioner.

Table of Contents

Quick Help

Documentation

  • README - Quick start guide

  • User Guide - Complete command reference

  • Configuration Reference - YAML configuration guide

  • Troubleshooting - Common issues and solutions

  • IAM Permissions - Required AWS permissions

Common Issues

Configuration validation errors

  • Check your SG configuration YAML file in configs/ directory

  • Verify YAML syntax (indentation, quotes)

  • Ensure all required sections are present in the configuration YAML template

  • See CONFIGURATION.md for complete schema

  • Run validate-config action to check

AWS credential errors

  • Check credentials file exists: ls -la ~/.aws/credentials

  • Check which profile is used: echo $AWS_PROFILE (if empty, uses [default])

  • Test authentication: aws sts get-caller-identity

  • Verify permissions (see IAM_PERMISSIONS.md)

Permission denied

  • Check current identity: aws sts get-caller-identity

  • Test VPC permissions: aws ec2 describe-security-groups --region us-west-2 --no-paginate

  • As above but with filtering on VPC: for example: aws ec2 describe-security-groups --region us-west-2 --filters Name=vpc-id,Values=vpc-03971a23bdd52d405 --no-paginate

  • Test CloudFormation access: aws cloudformation list-stacks --region us-west-2 --max-items 5

  • Generate required IAM policy: Run create-policy action and attach the generated JSON to your IAM role

  • See IAM_PERMISSIONS.md for complete permissions list

VPC not found

  • Deploy VPC first or use vpc_source: direct with a VPC ID

Scenario not found

  • Use action list-scenarios to see available names

Stack already exists

  • List stacks in region: aws cloudformation list-stacks --region us-west-2 --stack-status-filter CREATE_COMPLETE --output table

  • Stack names must be unique

  • Delete existing groups: Use delete-security-groups --force action

  • Or rename: Use different sg_name_override

Circular dependency

  • Should not occur; check custom scenario YAML for mutual tier references

Invalid port

  • Ports must be 1-65535; use port or port_range, not both

Docker errors

  • Verify Docker is running: docker ps

  • Check volume mounts are correct

  • Ensure files exist in mounted directories

Getting Support

AWS Marketplace Support

For issues related to:

  • Product subscription and licensing

  • Billing questions

  • AWS Marketplace portal issues

  • License validation errors

Contact: AWS Marketplace Customer Support through your AWS account

How to Contact:

  1. Log into AWS Console

  2. Navigate to AWS Marketplace

  3. Go to “Manage Subscriptions”

  4. Select SG Provisioner

  5. Click “Get Support”

Response Time: Per AWS Marketplace SLA

Product Support

For issues related to:

  • Product functionality

  • Configuration questions

  • Bug reports

  • Feature requests

  • Technical questions

Contact:

  1. Log into AWS Console

  2. Navigate to AWS Marketplace

  3. Go to “Manage Subscriptions”

  4. Select SG Provisioner

  5. Click “Contact Seller”

Support Hours: Monday-Friday, 9 AM - 5 PM Pacific Time (business days)

Response Time:

  • Critical issues: Within 1 business day

  • High priority: Within 2 business days

  • Medium priority: Within 3 business days

  • Low priority: Within 5 business days

Before Contacting Support

Please gather the following information:

1. Product Version

docker inspect sg-provisioner:latest | grep Created

2. Configuration File

Sanitize sensitive data (account IDs, VPC names) before sharing:

client:
  company_name: REDACTED
  company_prefix: REDACTED
  account_id: REDACTED
  tenant_id: REDACTED

environment:
  env: prod
  region: us-west-2

security_groups:
  scenario: 3-tier-web
  vpc_source: parameter-store
  vpc_parameter_store_path: REDACTED  # e.g., /vpc/your-vpc-name/VPCId
  sg_name_override: ""
  workload: ""

  overrides:
    app:
      port_overrides:
        - protocol: tcp
          old_port: 8080
          new_port: 8443
      additional_ingress:
        - protocol: tcp
          port: 9090
          source_tier: web
          description: Prometheus metrics from web tier
    db:
      additional_ingress:
        - protocol: tcp
          port: 5432
          source_tier: app
          description: Read replica connection from app tier

tags:
  cost_center: Fraud Operations
  project: Real-time Credit Card Fraud Detection System
  owner: fraud-ml-engineering-team

3. Error Message

Copy the complete error message from console output or log files.

4. Command Used

Provide the exact Docker command:

docker run --rm \
  -v ~/.aws:/home/sguser/.aws:ro \
  -v $(pwd)/sg/configs:/app/configs:ro \
  -v $(pwd)/sg/reports:/app/reports \
  -v $(pwd)/sg/templates:/app/templates \
  sg-provisioner:latest \
  --config globalbank-prod-c001-us-west-2-sg.yaml \
  --action create-security-groups \
  --force

5. AWS Region

Specify the AWS region where you’re deploying.

6. Expected vs Actual Behavior

  • What you expected to happen

  • What actually happened

  • Steps to reproduce

7. CloudFormation Stack Events

If stack creation failed:

aws cloudformation describe-stack-events \
  --stack-name your-sg-stack-name \
  --max-items 20

Self-Service Resources

Validate Your Configuration

docker run --rm \
  -v ~/.aws:/home/sguser/.aws:ro \
  -v $(pwd)/sg/configs:/app/configs:ro \
  -v $(pwd)/sg/reports:/app/reports \
  sg-provisioner:latest \
  --config globalbank-prod-c001-us-west-2-sg.yaml \
  --action validate-config

Check AWS Credentials

# View credentials file
cat ~/.aws/credentials

# Test credentials
aws sts get-caller-identity

# Test VPC access
aws ec2 describe-security-groups --region us-west-2

Verify IAM Permissions

# Check current user/role
aws sts get-caller-identity

# Test VPC creation permission
aws ec2 describe-security-groups --region us-west-2

View Container Logs

# List recent containers
docker ps -a

# View logs
docker logs <container-id>

# Check reports directory
ls -la reports/
cat reports/*.log

Test Docker Setup

# Check Docker version
docker --version

# Test Docker is running
docker ps

# Test volume mounts
docker run --rm \
  -v $(pwd)/sg/configs:/app/configs \
  -v $(pwd)/sg/reports:/app/reports \
  -v $(pwd)/sg/policies:/app/policies \
  -v $(pwd)/sg/templates:/app/templates \
  --entrypoint /bin/sh \
  sg-provisioner:latest \
  -c "ls -la /app/configs"

Reporting Bugs

When reporting bugs, include:

  1. Steps to reproduce - Exact sequence of commands

  2. Expected behavior - What should happen

  3. Actual behavior - What actually happened

  4. Error messages - Complete error output

  5. Configuration file - Sanitized YAML

  6. Environment details - OS, Docker version, AWS region

  7. CloudFormation events - Stack events if applicable

Contact: AWS Marketplace support channel

Feature Requests

We welcome feature requests! See our Feedback page for submission guidelines and templates.

For planned features and voting, see Roadmap.

Service Level Agreement (SLA)

Response Times

Priority

Response Time

Resolution Target

Critical (P1)

1 business day

2 business days

High (P2)

2 business days

3 business days

Medium (P3)

3 business days

5 business days

Low (P4)

5 business days

Best effort

Priority Definitions

Critical (P1): Production system down, no workaround available

  • CloudFormation stack creation fails

  • Cannot create SGs in production

  • License validation fails for valid subscription

  • Data loss or corruption

High (P2): Major feature not working, workaround available

  • Security group rules not applied

  • Cross-tier references failing

  • Template generation errors

  • Parameter Store storage issues

Medium (P3): Minor feature issue, workaround available

  • Documentation unclear

  • Non-critical configuration validation errors

  • Tagging issues

  • Logging problems

Low (P4): Cosmetic issue, feature request, general questions

  • Documentation typos

  • Feature enhancement requests

  • General usage questions

  • Best practices guidance

License Validation Issues

If you see license validation errors:

1. Verify Subscription

  • Log into AWS Marketplace

  • Check “Manage Subscriptions”

  • Verify SG Provisioner is subscribed and active

  • Check subscription status (active, expired, cancelled)

2. Verify IAM Permissions

Ensure IAM role/user has AWS Marketplace permissions:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "aws-marketplace:ViewSubscriptions",
        "aws-marketplace:Subscribe",
        "aws-marketplace:Unsubscribe"
      ],
      "Resource": "*"
    }
  ]
}

3. Contact AWS Marketplace Support

For subscription and licensing issues, contact AWS Marketplace Customer Support through your AWS account.

Troubleshooting Resources

Documentation

  • TROUBLESHOOTING.md - Comprehensive troubleshooting guide

  • IAM_PERMISSIONS.md - Required permissions

  • CONFIGURATION.md - Configuration reference

  • USER_GUIDE.md - Command reference

AWS Resources

  • AWS VPC Documentation: https://docs.aws.amazon.com/vpc/

  • AWS CloudFormation Documentation: https://docs.aws.amazon.com/cloudformation/

  • AWS IAM Documentation: https://docs.aws.amazon.com/iam/

  • AWS Marketplace Documentation: https://docs.aws.amazon.com/marketplace/

Community

  • AWS re:Post: https://repost.aws/

  • AWS Support Center: https://console.aws.amazon.com/support/

Updates and Announcements

Release Notes

Check RELEASE_NOTES.md for:

  • Version updates

  • New features

  • Bug fixes

  • Breaking changes

  • Migration guides

Product Roadmap

Check ROADMAP.md for:

  • Planned features

  • Timeline estimates

  • Feature voting

  • Early access programs

AWS Marketplace

Check AWS Marketplace product listing for:

  • Latest version availability

  • Subscription status

  • Pricing updates

  • Product announcements

Feedback

Your feedback helps us improve the product. We accept feature requests and documentation feedback.

See Feedback for details on how to submit.

Additional Resources

AWS Support

  • AWS Support Center: https://console.aws.amazon.com/support/

  • AWS Documentation: https://docs.aws.amazon.com/

  • AWS re:Post: https://repost.aws/

AWS Marketplace

  • AWS Marketplace: https://aws.amazon.com/marketplace/

  • Manage Subscriptions: https://console.aws.amazon.com/marketplace/home#/subscriptions

  • AWS Marketplace Support: Through AWS Console

Product Documentation

  • README.md - Quick start

  • USER_GUIDE.md - Complete reference

  • CONFIGURATION.md - Configuration guide

  • TROUBLESHOOTING.md - Problem solving

  • IAM_PERMISSIONS.md - Security setup