AWS CLI commands InvalidClientTokenId error

I was able to run a few AWS CLI commands via Jenkins pipeline. All of a sudden it stopped working with the below error. "an error occurred (invalidclienttokenid) when calling the ... operation: The security token included in the request is invalid."

I was able to run the CLI commands on the Jenkins server. It works fine. I tried removing ~/.aws and ran configure again. It still doesn't work.

Sujets

Gestion et gouvernance Sécurité, identité et conformité

Balises

Interface à ligne de commande AWS Centre d’identité IAM AWS

Langue

English

rePost-User-olmec

demandé il y a 9 mois1644 vues

1 réponse

Le plus récent
Le plus de votes
La plupart des commentaires

Réponse acceptée

Are the access key and secret access key you are using activated?
If it is not activated, I believe an error will occur.
You must make sure you are using the correct access key and secret access key.
In some cases, it may be easier to reissue and set up access keys.

EXPERT

Riku_Kobayashi

répondu il y a 9 mois

EXPERT

Giovanni Lauria

vérifié il y a un mois

rePost-User-olmec
il y a 9 mois
As I mentioned, I was able to run the CLI commands on the Jenkins server. Why would it work if it wasn't activated?
Riku_Kobayashi EXPERT
il y a 9 mois

As I mentioned, I was able to run the CLI commands on the Jenkins server. Why would it work if it wasn't activated?

Is it possible that someone has accidentally disabled it?

Is it possible to share all the commands you are running? Am I correct in my understanding that it was originally running on the pipeline? Also, have you set up the credentials correctly for the OS user running the jenkins pipeline? Also, will it work if I embed the access key and secret access key in the pipeline configuration without setting them in "~/.aws"? https://plugins.jenkins.io/aws-credentials/

pipeline { agent any stages { stage("s3 ls") { steps { withCredentials( [[ $class: 'AmazonWebServicesCredentialsBinding', credentialsId: 'sandbox', accessKeyVariable: 'AWS_ACCESS_KEY_ID', secretKeyVariable: 'AWS_SECRET_ACCESS_KEY' ]] ) { sh ''' aws s3 ls ''' } } } } }
rePost-User-olmec
il y a 9 mois
@Riku_Kobayashi They are iam related list commands. Yes, it was running and stopped working. I will try and let you know. Thanks.
rePost-User-olmec
il y a 9 mois
I tried adding AWS credentials via Manage Credentials. It throws, AWS was not able to validate the provided access credentials.
Riku_Kobayashi EXPERT
il y a 9 mois
Another point to check is to see if the server's time synchronization is out of sync. https://stackoverflow.com/questions/27685288/aws-was-not-able-to-validate-the-provided-access-credentials https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/set-time.html

It is also possible that a server restart may correct the problem.

Contenus pertinents

"Error: Body must be a string. Received: undefined." à l'insertion dans DynamoDB react native
Mathieu Ridet
demandé il y a un mois
error 403 / cloud front
nico-HPF
demandé il y a 2 mois
S3 Error: 404 (Not Found)
Gabsi
demandé il y a 6 mois
démarrage d'instances a mon insu
marc
demandé il y a 7 mois
Comment résoudre l’erreur « [AWS service] was unable to place a task because no container instance met all of its requirements » rencontrée dans Amazon ECS ?
AWS OFFICIELA mis à jour il y a un an
Comment gérer mon instance Lightsail à l'aide des commandes AWS CLI ?
AWS OFFICIELA mis à jour il y a 3 ans
Comment gérer les adresses IP statiques sur mes instances Lightsail à l'aide des commandes AWS CLI ?
AWS OFFICIELA mis à jour il y a 3 ans
Comment corriger l'erreur « the closest matching container-instance container-instance-id encountered error 'AGENT' » dans Amazon ECS ?
AWS OFFICIELA mis à jour il y a 5 ans