Guides
Go To Operata
Start typing to search…

Troubleshooting

Records are not appearing in Operata

  1. Wait at least 5 minutes. The time it takes for a CTR to arrive in the Kinesis stream and then be processed varies dramatically, with multiple factors impacting delivery.

    • Ensure you have Operata Chrome Extension deployed.
    • Be sure to use the correct Amazon Connect instance CCP URL.
    • Close the Contact when you have ended the call.

  2. Check if your Kinesis Data Stream source is using a custom encryption key. If so, refer to these instructions to resolve.

CloudFormation deployment fails

  1. Ensure you have the correct permission to deploy a CloudFormation stack.

  2. If the issue persists, take a screenshot of the failure from the CloudFormation Stack output and send to Operata support

Managing Operata Secrets in AWS

The Operata AWS Integration stores your API credentials securely in AWS Secrets Manager. In certain scenarios, you may need to manage or delete these secrets, such as when resetting credentials, decommissioning an integration, or troubleshooting deployment issues.

Understanding Operata Secrets Storage

When you deploy the Operata CloudFormation stack, two types of secrets are created:

  1. AWS Secrets Manager Secret - Stores the Operata API key

    • Named with pattern: cloud-collector-v3/ctr/{operataGroupId}/apiToken
    • Used by Lambda functions to authenticate with Operata API

  2. EventBridge Connection Secret - Automatically created by EventBridge

    • Named with prefix: events!connection/
    • Stores the API destination connection credentials
    • Cost of storing this secret is included with the API destination charge

When to Delete Operata Secrets

You may need to delete secrets in the following situations:

  • Redeploying the CloudFormation stack - If the stack creation fails due to existing secrets
  • Resetting credentials - When rotating API keys or changing Operata Group IDs
  • Decommissioning the integration - Complete removal of the Operata integration
  • Troubleshooting authentication issues - Force refresh of stored credentials
⚠️

Warning: Impact of Deleting Secrets

Deleting the Operata API key secret will immediately break the integration. The Lambda function and EventBridge connection will be unable to authenticate with the Operata API, and no data will be transmitted until new secrets are configured.

Deleting Secrets Using AWS CLI

Prerequisites

  • AWS CLI installed and configured with appropriate credentials
  • IAM permissions for secretsmanager:DeleteSecret and secretsmanager:ListSecrets
  • Knowledge of your Operata Group ID

Delete the Secrets Manager API Key Secret

To delete the Operata API key secret stored in AWS Secrets Manager:

# List secrets to find the exact secret name
aws secretsmanager list-secrets --filters Key=name,Values=cloud-collector-v3

# Delete the secret (7-day recovery window by default)
aws secretsmanager delete-secret \
  --secret-id "cloud-collector-v3/ctr/YOUR_GROUP_ID/apiToken"

# For immediate deletion without recovery period (use with caution)
aws secretsmanager delete-secret \
  --secret-id "cloud-collector-v3/ctr/YOUR_GROUP_ID/apiToken" \
  --force-delete-without-recovery

Replace YOUR_GROUP_ID with your actual Operata Group ID.

Delete the EventBridge Connection Secret

To delete the EventBridge API destination connection secret:

# List EventBridge connections to find the connection name
aws events list-connections

# Delete the connection (this automatically deletes the associated secret)
aws events delete-connection \
  --name "operataAPIgroup-YOUR_GROUP_ID"

Deleting Secrets Using AWS Console

Delete via Secrets Manager Console

  1. Navigate to AWS Secrets Manager Console
  2. Search for secrets containing cloud-collector-v3 or events!connection
  3. Select the secret you want to delete
  4. Click Actions > Delete secret
  5. Choose the recovery window (7-30 days) or force immediate deletion
  6. Confirm the deletion

Delete via EventBridge Console

  1. Navigate to Amazon EventBridge Console
  2. Select API destinations from the left navigation
  3. Select Connections tab
  4. Find the connection named operataAPIgroup-{YourGroupId}
  5. Click Delete and confirm

Recovery and Redeployment

After deleting secrets, if you need to restore the integration:

  1. Wait for the secret recovery window to complete (if not force-deleted)
  2. Update the CloudFormation stack with new parameters
  3. Or create a new CloudFormation stack with updated credentials
  4. Verify the new secrets are created by checking the CloudFormation outputs

Verifying Secret Deletion

To confirm secrets have been deleted:

# Check Secrets Manager
aws secretsmanager describe-secret \
  --secret-id "cloud-collector-v3/ctr/YOUR_GROUP_ID/apiToken"

# Check EventBridge connections
aws events describe-connection \
  --name "operataAPIgroup-YOUR_GROUP_ID"

Both commands should return errors indicating the resources no longer exist.

Best Practices

  • Always use the recovery window unless immediate deletion is absolutely necessary
  • Document your Group ID before deleting secrets to simplify redeployment
  • Test in non-production environments before performing operations in production
  • Coordinate with your team before deleting secrets to avoid unexpected service interruptions
  • Use CloudFormation stack deletion when possible, as it handles dependent resource cleanup automatically

Updated 6 months ago