CODEWITHSUNDEEP
amazon-web-servicesamazon-elastic-beanstalk
Gold Masta
Gold Masta

Reputation: 725

Elastic Beanstalk CLI security token issues

I'm running the EBLCI on Ubuntu. It's pretty slick most of the time but I keep getting kicked out for some kind of security issues. I keep getting the following error:

ERROR: NotAuthorizedError - Operation Denied. The security token included in the request is invalid.

I was able to fix it last week by creating a new IAM key pair and manually inputting the keys into the aws config file in ~.aws/credentials.

This time that didn't work. Any ideas?

Upvotes: 5

Views: 4030

Answers (5)

ekhanna
ekhanna

Reputation: 969

There are total of 6 permissions needed to solve the issue with eb init command. Assign the following permissions to the IAM user or AWS Credentials under which you are running the eb init command. The eb init --debug would be helpful in seeing on which API calls it fails. Make sure S3 access permissions are also added.

enter image description here

Upvotes: 1

EdW
EdW

Reputation: 2293

You can delete old access keys and create new access keys, which may resolve the issue. To do this:

  1. log in to IAM console: https://console.aws.amazon.com/iamv2/home#/home
  2. select 'My Security Credentials': https://console.aws.amazon.com/iam/home#/security_credentials
  3. expand ->Access keys (access key ID ...)
  4. delete old access key, create new access key

Upvotes: 0

leelum1
leelum1

Reputation: 1254

Just had this problem because I had updated my AWS password. I created new Access Keys for my AWS account under Security Credentials and copied the new access key and secret access key to the config and credentials files in the .aws folder (located in C:\Users\username.aws).

Upvotes: 0

Dave Roberts
Dave Roberts

Reputation: 300

I've just had this issue, in my case, we'd revoked the AWS key (as is our policy) and forgotten to set up the new one with my machine. Try revoking the previous key (if it's not already), and setting up a new one.

Upvotes: 1

krishna_mee2004
krishna_mee2004

Reputation: 7366

Check the ~/.aws/credentials file again. When you don't have the default profile, AWS CLI will return this error. This could also occur if you have an IAM role attached to the EC2 instance and you don't specify the --profile option in your command.

You can try exporting the credentials as mentioned in this document and try the command again.

Upvotes: 4

Related Questions