By using AWS re:Post, you agree to the Terms of Use

aws iotsecuretunneling close-tunnel


I have done the following:

aws configure sso (allowed device) aws iotsecuretunneling open-tunnel ....

Retrieved the tunnelId from the above command.

Tried: aws iotsecuretunneling close-tunnel --tunnel-id xxxx-xxxx-xxx

But I am getting: "Unable to locate credentials. You can configure credentials by running "aws configure"."

I want to add the close-tunnel to my script just incase it ends before my tunnel session expires, since when I start a new one, the localproxy command still uses the old/closed one.

1 Answer


The error indicates missing credentials in the system.

As you’re trying to invoke the AWS CLI command from the script you will need to configure the AWS credentials on the device.

You can use the AWS user credentials by executing the aws configure CLI command and entering the credentials.

However, a better security practice will be to configure the CLI to use an IAM role directly[1].

It appears you’re already configuring the AWS CLI to use single-sign-on (SSO) and appears you are getting the credentials from that specific call only, in which case you can use the SSO profile [2] to crate the credentials (Note this involves some manual interaction).




answered 7 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions