From 12e523290a6cf7b43903876ed884d2a64c3ea071 Mon Sep 17 00:00:00 2001
From: way zheng <way.zheng@thetradedesk.com>
Date: Fri, 14 Nov 2025 15:25:06 -0800
Subject: [PATCH 1/4] add code E12 = download erros

---
 docs/guides/operator-guide-aws-marketplace.md          |  8 ++++++++
 docs/guides/operator-guide-azure-enclave.md            | 10 +++++++++-
 docs/guides/operator-private-gcp-confidential-space.md |  8 ++++++++
 3 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/docs/guides/operator-guide-aws-marketplace.md b/docs/guides/operator-guide-aws-marketplace.md
index 21f39b0a9..4f019a366 100644
--- a/docs/guides/operator-guide-aws-marketplace.md
+++ b/docs/guides/operator-guide-aws-marketplace.md
@@ -376,6 +376,14 @@ Error codes for Private Operator startup issues are applicable only to release v
 | E05 | OperatorKeyValidationError | Ensure the operator key is correct for the environment and matches the one provided to you. |
 | E06 | UID2ServicesUnreachableError | Allow UID2 core and opt-out service IP addresses in the egress firewall. For IP addresses and DNS details, refer to the logs.  |
 
+### Runtime Errors
+
+The following errors occur during operator runtime (after startup):
+
+| Error Code | Issue | How to Identify in Logs | Steps to Resolve |
+| :--- | :--- | :--- | :--- |
+| E12 | Data Download Failure | Look for log messages containing `"Cannot download required files"` along with `"Failed to load"` errors from `RotatingStoreVerticle`. These will include HTTP status codes (e.g., `"HTTP response code 403"`) or exception types (e.g., `"exception: RequestTimeoutException"`). | Check the HTTP status code or exception in the error message: <br/>**404 errors** - Verify operator key is valid and configuration paths are correct.<br/>**403 errors** - Check IAM permissions for S3 access and verify operator credentials.<br/>**Timeout errors** - Verify network connectivity, check firewall/security group settings allow outbound HTTPS, and ensure UID2 service endpoints are accessible.<br/>**500 errors** - Temporary UID2 service issue, retry or contact UID2 support if persistent. |
+
 ## Technical Support
 
 If you have trouble subscribing to the product, or deploying, [contact us](mailto:aws-mktpl-uid@thetradedesk.com).
diff --git a/docs/guides/operator-guide-azure-enclave.md b/docs/guides/operator-guide-azure-enclave.md
index 9d65c0714..5f49c07b9 100644
--- a/docs/guides/operator-guide-azure-enclave.md
+++ b/docs/guides/operator-guide-azure-enclave.md
@@ -350,4 +350,12 @@ Error codes for Private Operator startup issues are applicable only to release v
 | E04 | ConfigurationValueError | A configuration value is invalid. Verify that the configuration values align with the required format and environment. Note: `debug_mode = true` is allowed only in the `integ` environment. Check the logs for more details. |
 | E05 | OperatorKeyValidationError | Ensure the operator key is correct for the environment and matches the one provided to you. |
 | E06 | UID2ServicesUnreachableError | Allow UID2 core and opt-out service IP addresses in the egress firewall. For IP addresses and DNS details, refer to the logs.  |
-| E08 | OperatorKeyPermissionError | The managed identity (specified via the `operatorIdentifier` parameter) that launches the container must have access to the key vault where the operator key is stored. The value of `operatorIdentifier` must be identical across all configuration JSON files. |
\ No newline at end of file
+| E08 | OperatorKeyPermissionError | The managed identity (specified via the `operatorIdentifier` parameter) that launches the container must have access to the key vault where the operator key is stored. The value of `operatorIdentifier` must be identical across all configuration JSON files. |
+
+### Runtime Errors
+
+The following errors occur during operator runtime (after startup):
+
+| Error Code | Issue | How to Identify in Logs | Steps to Resolve |
+| :--- | :--- | :--- | :--- |
+| E12 | Data Download Failure | Look for log messages containing `"Cannot download required files"` along with `"Failed to load"` errors from `RotatingStoreVerticle`. These will include HTTP status codes (e.g., `"HTTP response code 403"`) or exception types (e.g., `"exception: RequestTimeoutException"`). | Check the HTTP status code or exception in the error message: <br/>**404 errors** - Verify operator key is valid and configuration paths are correct.<br/>**403 errors** - Check managed identity permissions for storage access and verify operator credentials.<br/>**Timeout errors** - Verify network connectivity, check NSG/firewall rules allow outbound HTTPS, and ensure UID2 service endpoints are accessible.<br/>**500 errors** - Temporary UID2 service issue, retry or contact UID2 support if persistent. |
\ No newline at end of file
diff --git a/docs/guides/operator-private-gcp-confidential-space.md b/docs/guides/operator-private-gcp-confidential-space.md
index d7bca3517..41f1f0e4f 100644
--- a/docs/guides/operator-private-gcp-confidential-space.md
+++ b/docs/guides/operator-private-gcp-confidential-space.md
@@ -546,3 +546,11 @@ Error codes for Private Operator startup issues are applicable only to release v
 | E05 | OperatorKeyValidationError | Ensure the operator key is correct for the environment and matches the one provided to you. |
 | E06 | UID2ServicesUnreachableError | Allow UID2 core and opt-out service IP addresses in the egress firewall. For IP addresses and DNS details, refer to the logs.  |
 | E08 | OperatorKeyPermissionError |  Attach a service account to the Compute Engine instance template. The UID2 Operator needs these permissions to access the operator key from the GCP Secret Manager. |
+
+### Runtime Errors
+
+The following errors occur during operator runtime (after startup):
+
+| Error Code | Issue | How to Identify in Logs | Steps to Resolve |
+| :--- | :--- | :--- | :--- |
+| E12 | Data Download Failure | Look for log messages containing `"Cannot download required files"` along with `"Failed to load"` errors from `RotatingStoreVerticle`. These will include HTTP status codes (e.g., `"HTTP response code 403"`) or exception types (e.g., `"exception: RequestTimeoutException"`). | Check the HTTP status code or exception in the error message: <br/>**404 errors** - Verify operator key is valid and configuration paths are correct.<br/>**403 errors** - Check service account permissions for storage access and verify operator credentials.<br/>**Timeout errors** - Verify network connectivity, check VPC firewall rules allow outbound HTTPS, and ensure UID2 service endpoints are accessible.<br/>**500 errors** - Temporary UID2 service issue, retry or contact UID2 support if persistent. |

From f01e2261765a415a71cecc90e486c8c880cffb0e Mon Sep 17 00:00:00 2001
From: way zheng <way.zheng@thetradedesk.com>
Date: Mon, 17 Nov 2025 00:22:58 -0800
Subject: [PATCH 2/4] be consistent with the existing table

---
 docs/guides/operator-guide-aws-marketplace.md        | 12 +++++++-----
 docs/guides/operator-guide-azure-enclave.md          | 10 +---------
 .../operator-private-gcp-confidential-space.md       |  8 --------
 3 files changed, 8 insertions(+), 22 deletions(-)

diff --git a/docs/guides/operator-guide-aws-marketplace.md b/docs/guides/operator-guide-aws-marketplace.md
index 4f019a366..03ebc9128 100644
--- a/docs/guides/operator-guide-aws-marketplace.md
+++ b/docs/guides/operator-guide-aws-marketplace.md
@@ -361,12 +361,16 @@ The following table includes some additional commands that might help you manage
 
 ## UID2 Operator Error Codes
 
-The following table lists errors that might occur during a Private Operator's startup sequence.
+The following sections list error codes that might occur during a Private Operator's startup or runtime.
 
 :::note
-Error codes for Private Operator startup issues are applicable only to release v5.49.7 and later.
+Error codes for Private Operator issues are applicable only to release v5.49.7 and later.
 :::
 
+### Startup Errors
+
+The following errors occur during operator startup:
+
 | Error Code | Issue | Steps to Resolve |
 | :--- | :--- | :--- |
 | E01 | InstanceProfileMissingError |  Attach an IAM instance profile to the EC2 instance with the required permissions. The UID2 Operator needs these permissions to access configurations from AWS Secrets Manager. |
@@ -376,13 +380,11 @@ Error codes for Private Operator startup issues are applicable only to release v
 | E05 | OperatorKeyValidationError | Ensure the operator key is correct for the environment and matches the one provided to you. |
 | E06 | UID2ServicesUnreachableError | Allow UID2 core and opt-out service IP addresses in the egress firewall. For IP addresses and DNS details, refer to the logs.  |
 
-### Runtime Errors
-
 The following errors occur during operator runtime (after startup):
 
 | Error Code | Issue | How to Identify in Logs | Steps to Resolve |
 | :--- | :--- | :--- | :--- |
-| E12 | Data Download Failure | Look for log messages containing `"Cannot download required files"` along with `"Failed to load"` errors from `RotatingStoreVerticle`. These will include HTTP status codes (e.g., `"HTTP response code 403"`) or exception types (e.g., `"exception: RequestTimeoutException"`). | Check the HTTP status code or exception in the error message: <br/>**404 errors** - Verify operator key is valid and configuration paths are correct.<br/>**403 errors** - Check IAM permissions for S3 access and verify operator credentials.<br/>**Timeout errors** - Verify network connectivity, check firewall/security group settings allow outbound HTTPS, and ensure UID2 service endpoints are accessible.<br/>**500 errors** - Temporary UID2 service issue, retry or contact UID2 support if persistent. |
+| E12 | Data Download Failure | Look for log messages containing `"E12: Data Download Failure"` along with `"Failed to load"` errors from `RotatingStoreVerticle`. These will include HTTP status codes (e.g., `"HTTP response code 403"`) or exception types (e.g., `"exception: IOException"`). | Check the HTTP status code or exception in the error message: <br/>**404 errors** - Verify operator key is valid and configuration paths are correct.<br/>**403 errors** - Check IAM permissions for S3 access and verify operator credentials.<br/>**Timeout errors** - Verify network connectivity, check firewall/security group settings allow outbound HTTPS, and ensure UID2 service endpoints are accessible.<br/>**500 errors** - Temporary UID2 service issue, retry or contact UID2 support if persistent. |
 
 ## Technical Support
 
diff --git a/docs/guides/operator-guide-azure-enclave.md b/docs/guides/operator-guide-azure-enclave.md
index 5f49c07b9..9d65c0714 100644
--- a/docs/guides/operator-guide-azure-enclave.md
+++ b/docs/guides/operator-guide-azure-enclave.md
@@ -350,12 +350,4 @@ Error codes for Private Operator startup issues are applicable only to release v
 | E04 | ConfigurationValueError | A configuration value is invalid. Verify that the configuration values align with the required format and environment. Note: `debug_mode = true` is allowed only in the `integ` environment. Check the logs for more details. |
 | E05 | OperatorKeyValidationError | Ensure the operator key is correct for the environment and matches the one provided to you. |
 | E06 | UID2ServicesUnreachableError | Allow UID2 core and opt-out service IP addresses in the egress firewall. For IP addresses and DNS details, refer to the logs.  |
-| E08 | OperatorKeyPermissionError | The managed identity (specified via the `operatorIdentifier` parameter) that launches the container must have access to the key vault where the operator key is stored. The value of `operatorIdentifier` must be identical across all configuration JSON files. |
-
-### Runtime Errors
-
-The following errors occur during operator runtime (after startup):
-
-| Error Code | Issue | How to Identify in Logs | Steps to Resolve |
-| :--- | :--- | :--- | :--- |
-| E12 | Data Download Failure | Look for log messages containing `"Cannot download required files"` along with `"Failed to load"` errors from `RotatingStoreVerticle`. These will include HTTP status codes (e.g., `"HTTP response code 403"`) or exception types (e.g., `"exception: RequestTimeoutException"`). | Check the HTTP status code or exception in the error message: <br/>**404 errors** - Verify operator key is valid and configuration paths are correct.<br/>**403 errors** - Check managed identity permissions for storage access and verify operator credentials.<br/>**Timeout errors** - Verify network connectivity, check NSG/firewall rules allow outbound HTTPS, and ensure UID2 service endpoints are accessible.<br/>**500 errors** - Temporary UID2 service issue, retry or contact UID2 support if persistent. |
\ No newline at end of file
+| E08 | OperatorKeyPermissionError | The managed identity (specified via the `operatorIdentifier` parameter) that launches the container must have access to the key vault where the operator key is stored. The value of `operatorIdentifier` must be identical across all configuration JSON files. |
\ No newline at end of file
diff --git a/docs/guides/operator-private-gcp-confidential-space.md b/docs/guides/operator-private-gcp-confidential-space.md
index 41f1f0e4f..d7bca3517 100644
--- a/docs/guides/operator-private-gcp-confidential-space.md
+++ b/docs/guides/operator-private-gcp-confidential-space.md
@@ -546,11 +546,3 @@ Error codes for Private Operator startup issues are applicable only to release v
 | E05 | OperatorKeyValidationError | Ensure the operator key is correct for the environment and matches the one provided to you. |
 | E06 | UID2ServicesUnreachableError | Allow UID2 core and opt-out service IP addresses in the egress firewall. For IP addresses and DNS details, refer to the logs.  |
 | E08 | OperatorKeyPermissionError |  Attach a service account to the Compute Engine instance template. The UID2 Operator needs these permissions to access the operator key from the GCP Secret Manager. |
-
-### Runtime Errors
-
-The following errors occur during operator runtime (after startup):
-
-| Error Code | Issue | How to Identify in Logs | Steps to Resolve |
-| :--- | :--- | :--- | :--- |
-| E12 | Data Download Failure | Look for log messages containing `"Cannot download required files"` along with `"Failed to load"` errors from `RotatingStoreVerticle`. These will include HTTP status codes (e.g., `"HTTP response code 403"`) or exception types (e.g., `"exception: RequestTimeoutException"`). | Check the HTTP status code or exception in the error message: <br/>**404 errors** - Verify operator key is valid and configuration paths are correct.<br/>**403 errors** - Check service account permissions for storage access and verify operator credentials.<br/>**Timeout errors** - Verify network connectivity, check VPC firewall rules allow outbound HTTPS, and ensure UID2 service endpoints are accessible.<br/>**500 errors** - Temporary UID2 service issue, retry or contact UID2 support if persistent. |

From e1f479f360395bb0b58e16ae32218f0929b44694 Mon Sep 17 00:00:00 2001
From: way zheng <way.zheng@thetradedesk.com>
Date: Tue, 23 Dec 2025 14:04:56 -0800
Subject: [PATCH 3/4] resolve comments

---
 docs/guides/operator-guide-aks-enclave.md     | 29 +++++++++++++++++++
 docs/guides/operator-guide-aws-marketplace.md |  6 ++--
 docs/guides/operator-guide-azure-enclave.md   | 18 ++++++++++--
 ...operator-private-gcp-confidential-space.md | 16 ++++++++--
 4 files changed, 62 insertions(+), 7 deletions(-)

diff --git a/docs/guides/operator-guide-aks-enclave.md b/docs/guides/operator-guide-aks-enclave.md
index 522505ca5..abaae6c5b 100644
--- a/docs/guides/operator-guide-aks-enclave.md
+++ b/docs/guides/operator-guide-aks-enclave.md
@@ -447,3 +447,32 @@ To upgrade, complete the following steps:
    ```
    kubectl get pods
    ```
+
+## UID2 Operator Error Codes
+
+The following sections list error codes that might occur during a Private Operator's startup or runtime.
+
+:::note
+Error codes for Private Operator issues are applicable only to release v5.49.7 and later.
+:::
+
+### Startup Errors
+
+The following errors occur during operator startup:
+
+| Error Code | Issue | Steps to Resolve |
+| :--- | :--- | :--- |
+| E02 | OperatorKeyNotFoundError | Make sure that the secret vault and secret name that store the operator key are correctly configured. Make sure they are set as `VAULT_NAME` and `OPERATOR_KEY_SECRET_NAME`. |
+| E03 | ConfigurationMissingError | Required attributes are missing in the configuration. Refer to the logs for details and update the missing attributes before running the Azure operator. |
+| E04 | ConfigurationValueError | A configuration value is invalid. Verify that the configuration values align with the required format and environment. Note: `debug_mode = true` is allowed only in the `integ` environment. Check the logs for more details. |
+| E05 | OperatorKeyValidationError | Ensure the operator key is correct for the environment and matches the one provided to you. |
+| E06 | UID2ServicesUnreachableError | Allow UID2 core and opt-out service IP addresses in the egress firewall. For IP addresses and DNS details, refer to the logs.  |
+| E08 | OperatorKeyPermissionError | The managed identity (specified via the `operatorIdentifier` parameter) that launches the container must have access to the key vault where the operator key is stored. The value of `operatorIdentifier` must be identical across all configuration JSON files. |
+
+### Runtime Errors
+
+The following errors occur during operator runtime:
+
+| Error Code | Issue | How to Identify in Logs | Steps to Resolve |
+| :--- | :--- | :--- | :--- |
+| E12 | Data Download Failure | Look for log messages containing `"E12: Data Download Failure"` along with `"Failed to load"` errors from `RotatingStoreVerticle`. These will include HTTP status codes (e.g., `"HTTP response code 403"`) or exception types (e.g., `"exception: IOException"`). | Check the HTTP status code or exception in the error message: <br/>**404 errors** - Verify operator key is valid for the environment.<br/>**403 errors** - Verify operator key and credentials are correct.<br/>**Timeout errors** - Verify network connectivity, check NSG/firewall rules allow outbound HTTPS (port 443), and ensure UID2 service endpoints are accessible.<br/>**500 errors** - Temporary UID2 service issue, retry or contact UID2 support if persistent. |
diff --git a/docs/guides/operator-guide-aws-marketplace.md b/docs/guides/operator-guide-aws-marketplace.md
index 03ebc9128..e2f0c05a6 100644
--- a/docs/guides/operator-guide-aws-marketplace.md
+++ b/docs/guides/operator-guide-aws-marketplace.md
@@ -380,11 +380,13 @@ The following errors occur during operator startup:
 | E05 | OperatorKeyValidationError | Ensure the operator key is correct for the environment and matches the one provided to you. |
 | E06 | UID2ServicesUnreachableError | Allow UID2 core and opt-out service IP addresses in the egress firewall. For IP addresses and DNS details, refer to the logs.  |
 
-The following errors occur during operator runtime (after startup):
+### Runtime Errors
+
+The following errors occur during operator runtime:
 
 | Error Code | Issue | How to Identify in Logs | Steps to Resolve |
 | :--- | :--- | :--- | :--- |
-| E12 | Data Download Failure | Look for log messages containing `"E12: Data Download Failure"` along with `"Failed to load"` errors from `RotatingStoreVerticle`. These will include HTTP status codes (e.g., `"HTTP response code 403"`) or exception types (e.g., `"exception: IOException"`). | Check the HTTP status code or exception in the error message: <br/>**404 errors** - Verify operator key is valid and configuration paths are correct.<br/>**403 errors** - Check IAM permissions for S3 access and verify operator credentials.<br/>**Timeout errors** - Verify network connectivity, check firewall/security group settings allow outbound HTTPS, and ensure UID2 service endpoints are accessible.<br/>**500 errors** - Temporary UID2 service issue, retry or contact UID2 support if persistent. |
+| E12 | Data Download Failure | Look for log messages containing `"E12: Data Download Failure"` along with `"Failed to load"` errors from `RotatingStoreVerticle`. These will include HTTP status codes (e.g., `"HTTP response code 403"`) or exception types (e.g., `"exception: IOException"`). | Check the HTTP status code or exception in the error message: <br/>**404 errors** - Verify operator key is valid for the environment.<br/>**403 errors** - Verify operator key and credentials are correct.<br/>**Timeout errors** - Verify network connectivity, check firewall/security group settings allow outbound HTTPS (port 443), and ensure UID2 service endpoints are accessible.<br/>**500 errors** - Temporary UID2 service issue, retry or contact UID2 support if persistent. |
 
 ## Technical Support
 
diff --git a/docs/guides/operator-guide-azure-enclave.md b/docs/guides/operator-guide-azure-enclave.md
index 9d65c0714..085635189 100644
--- a/docs/guides/operator-guide-azure-enclave.md
+++ b/docs/guides/operator-guide-azure-enclave.md
@@ -337,12 +337,16 @@ To upgrade, complete the following steps:
 
 ## UID2 Operator Error Codes
 
-The following table lists errors that might occur during a Private Operator's startup sequence.
+The following sections list error codes that might occur during a Private Operator's startup or runtime.
 
 :::note
-Error codes for Private Operator startup issues are applicable only to release v5.49.7 and later.
+Error codes for Private Operator issues are applicable only to release v5.49.7 and later.
 :::
 
+### Startup Errors
+
+The following errors occur during operator startup:
+
 | Error Code | Issue | Steps to Resolve |
 | :--- | :--- | :--- |
 | E02 | OperatorKeyNotFoundError | Make sure that the secret vault and secret name that store the operator key are correctly configured. Make sure they are set as `VAULT_NAME` and `OPERATOR_KEY_SECRET_NAME`. |
@@ -350,4 +354,12 @@ Error codes for Private Operator startup issues are applicable only to release v
 | E04 | ConfigurationValueError | A configuration value is invalid. Verify that the configuration values align with the required format and environment. Note: `debug_mode = true` is allowed only in the `integ` environment. Check the logs for more details. |
 | E05 | OperatorKeyValidationError | Ensure the operator key is correct for the environment and matches the one provided to you. |
 | E06 | UID2ServicesUnreachableError | Allow UID2 core and opt-out service IP addresses in the egress firewall. For IP addresses and DNS details, refer to the logs.  |
-| E08 | OperatorKeyPermissionError | The managed identity (specified via the `operatorIdentifier` parameter) that launches the container must have access to the key vault where the operator key is stored. The value of `operatorIdentifier` must be identical across all configuration JSON files. |
\ No newline at end of file
+| E08 | OperatorKeyPermissionError | The managed identity (specified via the `operatorIdentifier` parameter) that launches the container must have access to the key vault where the operator key is stored. The value of `operatorIdentifier` must be identical across all configuration JSON files. |
+
+### Runtime Errors
+
+The following errors occur during operator runtime:
+
+| Error Code | Issue | How to Identify in Logs | Steps to Resolve |
+| :--- | :--- | :--- | :--- |
+| E12 | Data Download Failure | Look for log messages containing `"E12: Data Download Failure"` along with `"Failed to load"` errors from `RotatingStoreVerticle`. These will include HTTP status codes (e.g., `"HTTP response code 403"`) or exception types (e.g., `"exception: IOException"`). | Check the HTTP status code or exception in the error message: <br/>**404 errors** - Verify operator key is valid for the environment.<br/>**403 errors** - Verify operator key and credentials are correct.<br/>**Timeout errors** - Verify network connectivity, check NSG/firewall rules allow outbound HTTPS (port 443), and ensure UID2 service endpoints are accessible.<br/>**500 errors** - Temporary UID2 service issue, retry or contact UID2 support if persistent. |
\ No newline at end of file
diff --git a/docs/guides/operator-private-gcp-confidential-space.md b/docs/guides/operator-private-gcp-confidential-space.md
index d7bca3517..6621a860e 100644
--- a/docs/guides/operator-private-gcp-confidential-space.md
+++ b/docs/guides/operator-private-gcp-confidential-space.md
@@ -532,12 +532,16 @@ The Private Operator for GCP exposes [Prometheus-formatted metrics](https://prom
 
 ## UID2 Operator Error Codes
 
-The following table lists errors that might occur during a Private Operator's startup sequence.
+The following sections list error codes that might occur during a Private Operator's startup or runtime.
 
 :::note
-Error codes for Private Operator startup issues are applicable only to release v5.49.7 and later.
+Error codes for Private Operator issues are applicable only to release v5.49.7 and later.
 :::
 
+### Startup Errors
+
+The following errors occur during operator startup:
+
 | Error Code | Issue | Steps to Resolve |
 | :--- | :--- | :--- |
 | E02 | OperatorKeyNotFoundError | Make sure that the secret name specified exists in GCP Secret Manager in the same project as the operator, and that the service account has permission to access the secret. Make sure it's set to: `tee-env-API_TOKEN_SECRET_NAME`. If needed, you can check the logs for the specific secret name. |
@@ -546,3 +550,11 @@ Error codes for Private Operator startup issues are applicable only to release v
 | E05 | OperatorKeyValidationError | Ensure the operator key is correct for the environment and matches the one provided to you. |
 | E06 | UID2ServicesUnreachableError | Allow UID2 core and opt-out service IP addresses in the egress firewall. For IP addresses and DNS details, refer to the logs.  |
 | E08 | OperatorKeyPermissionError |  Attach a service account to the Compute Engine instance template. The UID2 Operator needs these permissions to access the operator key from the GCP Secret Manager. |
+
+### Runtime Errors
+
+The following errors occur during operator runtime:
+
+| Error Code | Issue | How to Identify in Logs | Steps to Resolve |
+| :--- | :--- | :--- | :--- |
+| E12 | Data Download Failure | Look for log messages containing `"E12: Data Download Failure"` along with `"Failed to load"` errors from `RotatingStoreVerticle`. These will include HTTP status codes (e.g., `"HTTP response code 403"`) or exception types (e.g., `"exception: IOException"`). | Check the HTTP status code or exception in the error message: <br/>**404 errors** - Verify operator key is valid for the environment.<br/>**403 errors** - Verify operator key and credentials are correct.<br/>**Timeout errors** - Verify network connectivity, check VPC firewall rules allow outbound HTTPS (port 443), and ensure UID2 service endpoints are accessible.<br/>**500 errors** - Temporary UID2 service issue, retry or contact UID2 support if persistent. |

From 36d905e9d7219fea707cf6848c8031b2609f46cf Mon Sep 17 00:00:00 2001
From: way zheng <way.zheng@thetradedesk.com>
Date: Tue, 23 Dec 2025 14:13:41 -0800
Subject: [PATCH 4/4] aks don't have other error codes except E12

---
 docs/guides/operator-guide-aks-enclave.md | 15 +--------------
 1 file changed, 1 insertion(+), 14 deletions(-)

diff --git a/docs/guides/operator-guide-aks-enclave.md b/docs/guides/operator-guide-aks-enclave.md
index abaae6c5b..26ba3772f 100644
--- a/docs/guides/operator-guide-aks-enclave.md
+++ b/docs/guides/operator-guide-aks-enclave.md
@@ -450,25 +450,12 @@ To upgrade, complete the following steps:
 
 ## UID2 Operator Error Codes
 
-The following sections list error codes that might occur during a Private Operator's startup or runtime.
+The following sections list error codes that might occur during a Private Operator's runtime.
 
 :::note
 Error codes for Private Operator issues are applicable only to release v5.49.7 and later.
 :::
 
-### Startup Errors
-
-The following errors occur during operator startup:
-
-| Error Code | Issue | Steps to Resolve |
-| :--- | :--- | :--- |
-| E02 | OperatorKeyNotFoundError | Make sure that the secret vault and secret name that store the operator key are correctly configured. Make sure they are set as `VAULT_NAME` and `OPERATOR_KEY_SECRET_NAME`. |
-| E03 | ConfigurationMissingError | Required attributes are missing in the configuration. Refer to the logs for details and update the missing attributes before running the Azure operator. |
-| E04 | ConfigurationValueError | A configuration value is invalid. Verify that the configuration values align with the required format and environment. Note: `debug_mode = true` is allowed only in the `integ` environment. Check the logs for more details. |
-| E05 | OperatorKeyValidationError | Ensure the operator key is correct for the environment and matches the one provided to you. |
-| E06 | UID2ServicesUnreachableError | Allow UID2 core and opt-out service IP addresses in the egress firewall. For IP addresses and DNS details, refer to the logs.  |
-| E08 | OperatorKeyPermissionError | The managed identity (specified via the `operatorIdentifier` parameter) that launches the container must have access to the key vault where the operator key is stored. The value of `operatorIdentifier` must be identical across all configuration JSON files. |
-
 ### Runtime Errors
 
 The following errors occur during operator runtime: