The Problem Statement
We observed a failure in AWS Correlation where many servers were appearing as separate Native and Proxy entries in the BigFix Console (Ghosting Effect). The correlation—the process of merging these two identities using the AWS Instance ID—was working fine until recently.
The "Smoking Gun" (Error Logs)
Upon checking the BESPluginPortal.log and the AWS Plugin logs, we identified repeated authentication failures. The Plugin Portal was stuck in a loop trying to scan an account that had been terminated in the AWS Console.
2026/04/07 11:17:17 +0000 - [error] AWS Full Discovery for 'AWxxxxxxxxxxx' and role 'arn:aws:iam::307431060667:role/bigfixcloud-connector' GetAvailableRegions failed with error: AccessDenied: User: arn:aws:iam::394757088909:user/svcacct-bigfix-patching is not authorized to perform: sts:AssumeRole on resource: arn:aws:iam::307431060667:role/bigfixcloud-connector status code: 403
The Secondary Issue (UI Bug)
When trying to remove the dead account via the WebUI / Cloud Provisioning Dashboard, we encountered a Javascript error:
Error:
Cannot read properties of undefined (reading 'indexOf')
This happens because the dashboard tries to pull metadata for an account ID that no longer exists in the AWS cloud provider, causing the script to crash.
My Questions:
-
Is there a way to force-delete a cloud account when the WebUI/Dashboard is throwing this
indexOferror? -
Does a failing discovery on one "ghost" account affect the correlation of other active accounts in the same Plugin Portal?
-
What is the best practice to clean up terminated AWS accounts to restore normal correlation?