Problem
When you attempt to add a GitHub App VCS integration from the Terraform Enterprise UI, the process fails with a Server Error. The logs contain a 403 error message similar to the following:
Error 403 - Although you appear to have the correct authorization credentials,
the <YOUR_GITHUB_ORGANIZATION_NAME> organization has an IP allow list enabled,
and your IP address is not permitted to access this resource. //
See: https://docs.github.com/rest/apps/installations#list-repositories-accessible-to-the-user-access-token

In the error message, <YOUR_GITHUB_ORGANIZATION_NAME> corresponds to your GitHub Enterprise organization's name.
Prerequisites
- A Terraform Enterprise instance.
- A GitHub Enterprise Cloud organization with an IP allow list enabled.
Cause
This error occurs because your GitHub Enterprise Cloud organization is configured with an IP allow list, and the public IP address of your Terraform Enterprise instance has not been added to that list. GitHub is blocking the connection attempt from the unrecognized IP address.
Solution
To resolve this issue, you must authorize the Terraform Enterprise instance's IP address within your GitHub organization's settings.
- Add your Terraform Enterprise instance's public IP address to the IP allow list in your GitHub Enterprise organization.
- Wait a few minutes for the changes to propagate, then attempt to set up the VCS provider in the Terraform Enterprise UI again.
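Before retrying, it helps to confirm that the address GitHub sees for Terraform Enterprise is covered by an enabled allow list entry, not just present in the list. The following check is an added example, not code from HashiCorp or GitHub; it assumes you have exported the allow list entries as records with `name`, `allowListValue` and `isActive` fields, and the sample addresses are constructed from documentation ranges.

```python
import ipaddress

# Constructed sample entries (documentation address ranges, not real data).
# Assumed record shape: name, allowListValue (single IP or CIDR), isActive.
SAMPLE_ENTRIES = [
    {"name": "office", "allowListValue": "198.51.100.0/24", "isActive": True},
    {"name": "old-tfe", "allowListValue": "203.0.113.10", "isActive": False},
    {"name": "vpn-v6", "allowListValue": "2001:db8:10::/48", "isActive": True},
]


def covering_entries(egress_ip, entries):
    """Return (active, inactive) names of entries whose value contains egress_ip."""
    ip = ipaddress.ip_address(egress_ip)
    active, inactive = [], []
    for entry in entries:
        # strict=False tolerates CIDR values written with host bits set.
        net = ipaddress.ip_network(entry["allowListValue"], strict=False)
        if ip.version != net.version:
            continue  # an IPv4 address is never matched by an IPv6 entry
        if ip in net:
            (active if entry["isActive"] else inactive).append(entry["name"])
    return active, inactive


def diagnose(egress_ip, entries):
    """Classify why a request from egress_ip would pass or hit the 403."""
    active, inactive = covering_entries(egress_ip, entries)
    if active:
        return "allowed"          # covered by at least one enabled entry
    if inactive:
        return "entry-inactive"   # listed, but the entry is disabled
    return "missing"              # no entry covers this address


if __name__ == "__main__":
    for ip in ("198.51.100.7", "203.0.113.10", "192.0.2.44"):
        print(ip, diagnose(ip, SAMPLE_ENTRIES))
```

Pass the public egress address of the Terraform Enterprise instance, which may be a NAT gateway or proxy address and not the host's own interface address.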
Outcome
The VCS provider should now connect successfully to Terraform Enterprise.
Additional Information
- For more details on integrating Terraform Enterprise with a GitHub App, refer to the Terraform Enterprise documentation.
- You can find more information on the GitHub App VCS integration process in the official documentation.