"The security token included in the request is invalid" for cdk deploy on cloud9
0
Hi, I just did as I always used to do:
Create a Cloud9 using Amazon Linux 2
upgrade AWS CLI to v2
initialize a CDK app and add some sample code
I am logged on using a role that has 'AdministratorAccess' policy attached and it is assumed by Cloud9.
CDK is bootstrapped.
Running 'cdk deploy' now gives the following error:
current credentials could not be used to assume 'arn:aws:iam::ACCOUNTNUMBER:role/cdk-hnb659fds-deploy-role-ACCOUNTNUMBER-eu-central-1', but are for the right account. Proceeding anyway.
❌ Building assets failed: Error: Building Assets Failed: Error: TestStack: The security token included in the request is invalid
at buildAllStackAssets (/home/ec2-user/.nvm/versions/node/v16.19.1/lib/node_modules/cdk/node_modules/aws-cdk/lib/index.js:362:115279)
at processTicksAndRejections (node:internal/process/task_queues:96:5)
at async CdkToolkit.deploy (/home/ec2-user/.nvm/versions/node/v16.19.1/lib/node_modules/cdk/node_modules/aws-cdk/lib/index.js:362:142800)
at async exec4 (/home/ec2-user/.nvm/versions/node/v16.19.1/lib/node_modules/cdk/node_modules/aws-cdk/lib/index.js:417:51795)
Building Assets Failed: Error: TestStack: The security token included in the request is invalid
I deleted the CDKToolkit stack and did run 'cdk bootstrap' again, it created the stack again. So apparently this works.
Running ' aws sts get-caller-identity' also shows the right role.
I also tried on an old instance that was stopped, getting same result.