@shinyaz

Security Agent sourceCode hits INTERNAL_ERROR in Tokyo but works fine in us-east-1

1 min read
#aws#security-agent#penetration-testing

Ran a Security Agent pentest with assets.sourceCode pointing to a ZIP file on S3 in the Tokyo region (ap-northeast-1). Setup Testing Environment failed with INTERNAL_ERROR. Tried twice, same result both times.

Isolation steps:

  • S3 Source Access Validation passed (file retrieval was fine)
  • Removing sourceCode from the same environment → test completed normally
  • Using documents with the same file → test completed normally

Tried the exact same sourceCode configuration in us-east-1 — no INTERNAL_ERROR, completed successfully through all four phases. When sourceCode is used, CODE SCANNER [BUSINESS LOGIC / IMPORTANT FLOWS / FRAMEWORKS] runs during STATIC_ANALYSIS, and this processing may be unstable in the Tokyo region as of April 2026.

If you need sourceCode in Tokyo, consider documents as a fallback. documents still improved detection by 2.6x over URL-only in our testing.

Share this post

Shinya Tahara

Shinya Tahara

Solutions Architect @ AWS

I'm a Solutions Architect at AWS, providing technical guidance primarily to financial industry customers. I share learnings about cloud architecture and AI/ML on this site.The views and opinions expressed on this site are my own and do not represent the official positions of my employer.

Read more