mrc
Reputation: 3173
Aws-vault: Failed to get credentials - InvalidClientTokenId: The security token included in the request is invalid
When I use
aws-vault exec --no-session --debug role_name
I get:
2020/06/09 13:57:13 [keyring] Found item "aws-vault (default)"
aws-vault: error: exec: Failed to get credentials for role_name: InvalidClientTokenId: The security token included in the request is invalid.
status code: 403, request id: 05bf31bd-091e-4f18-83c5-7add3e1bccb8
First of all I thought about incorrect password, but when tried to put an incorrect password purposely, Mac Os ask again for the correct password.
I have the ~/.aws/config and ~/.aws/credentials with the correct setup.
Upvotes: 13
Views: 20963
Answers (1)
rom85
Reputation: 331
Had the same error after rotating AWS credentials.
Deleted ~/Library/Keychains/aws-vault.keychain-db and executed aws-vault add default which created a new keychain and aws-vault started working again.
If you are on MacOS, you can probably edit the keychain directly.
Upvotes: 22
Related Questions
- An error occurred (InvalidClientTokenId) when calling the AssumeRole operation: The security token included in the request is invalid
- aws-vault credentials missing
- aws cli get error "The security token included in the request is invalid"
- How can I fix provider.vault: no vault token found?
- Vault Cross Account Access - Role Not Found
- Amazon AWS authorization error I am getting this error on the AWS console
- Getting error: Missing Authentication Token after AWS API request
- error making upstream request 403 sts vault from aws instance
- login unauthorized error whle connecting to external hashicorp vault with kubernetes service account
- AWS: "Your authentication information is incorrect"