How to resolve the security token included in the request is invalid error in AWS?

When you are trying to access an AWS service through an API endpoint and your credential is either expired, removed or disabled, you get this error. The resolution of this error depends on how you have configured your AWS security credentials.

In AWS you can get the access key and secret key (security credentials) by creating an IAM user with programmatic access and then use this access key and secret key with your application to authenticate your application API request to AWS. The security credentials obtained in this method are generally static and do not change unless someone or something has rotated your security credentials. In this case, you need to again rotate your IAM user security credentials to get the new access key and secret key.

Another way you get your security credentials is by creating an IAM role and then assuming that IAM role to get the access key, secret key, and session token which you can use with your application to authenticate your API request with AWS. In this case, there is an expiry time (default is one hour) after which you need to again get a new set of security credentials. if you are getting this error while using the second method, you need to again request a new set of security credentials.

https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html

https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html

http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2_instance-profiles.html

Leave a Reply

Close Menu