Getting "Signature expired" error using AWS CLI secretsmanager command on Ubuntu VM

Question

I am trying to retrieve AWS secrets using the secretsmanager CLI command but am getting this error after the command just seems to hang for about 5-6 minutes:

```
An error occurred (InvalidSignatureException) when calling the GetSecretValue operation: Signature expired: 20240208T204704Z is now earlier than 20240208T204804Z (20240208T205304Z - 5 min.)
```
However, all other AWS CLI commands I have tried work fine on the VM such as `aws sts get-caller-identity` or `aws s3 ls`. I am able to retrieve the secret on my Mac which what the VM is running on and both my VM and Mac have identical `~/.aws/config` and `~/.aws/credentials` files.

I have checked my VMs datetime and it is correct and so is the timezone.

I also tried to reinstalled the AWS CLI but no luck.

Any ideas on why this command wont work on my VM?

Answer

* Ensure that your Ubuntu VM is configured to use NTP (Network Time Protocol) to synchronize its clock with internet time servers. You can check if NTP is running and configured correctly with commands like `timedatectl` or by checking the NTP service status.
* You can manually force a time synchronization using `sudo ntpdate ntp.ubuntu.com` or the appropriate command for your configured NTP service. This can help if your clock is slightly off but not visibly so.
* Lastly, make sure you're running the latest version of the AWS CLI

If this has answered your question or was helpful, accepting the answer would be greatly appreciated. Thank you!

Getting "Signature expired" error using AWS CLI secretsmanager command on Ubuntu VM

Relevant content