UnrecognizedClientException: The security token included in the request is invalid when calling AWS.SecretsManager
Solution 1
The "security token included in the request is invalid" error almost always means there is something wrong with your credentials. Either the accessKeyId or secretAccessKey (or both) are wrong.
You can try validating your credentials using the AWS cli using the STS get caller identity call before using them in your code.
Solution 2
You need to add the endpoint for that aws extract you token access defined with aws configure. Add this code join WHEN creating the table:
--endpoint-url http://localhost:8000 //localhost in my case because I'm runing locally, but you can put there you domain or port server
AWS.config.update({
region: "us-west-2",
endpoint: "http://localhost:8000",
accessKeyId: "your access id",
secretAccessKey: "your acccess key"
});
Related videos on Youtube
Comments
-
Mani almost 2 years
I'm implementing AWS ClientManager to obtain secret variables saved in AWS. I had initial implementation like below:
// Load the AWS SDK var AWS = require('aws-sdk'), region = "us-west-2", secretName = "secretName", accessKeyId = myAccessKey, secretAccessKey = mySecretAccessKey, secret, decodedBinarySecret; var client = new AWS.SecretsManager({ region: region, }); client.getSecretValue({SecretId: secretName}, function(err, data) { if (err) { console.log("Error Happened"); console.log(err); } else { if ('SecretString' in data) { secret = data.SecretString; } else { let buff = new Buffer(data.SecretBinary, 'base64'); decodedBinarySecret = buff.toString('ascii'); } } });
When I start the server it throws the following exception
{ UnrecognizedClientException: The security token included in the request is invalid. message: 'The security token included in the request is invalid.', code: 'UnrecognizedClientException', time: 2019-07-01T12:16:00.021Z, requestId: 'c7ed53c1-fb70-4012-aa9f-5a9a3195a043', statusCode: 400, retryable: false, retryDelay: 40.923844792180674 }
-
Rakesh_Kumar almost 4 yearsWere you able to figure out the issue? How you managed to resolve?
-
Mani almost 4 years@Rakesh_Kumar No, I am sure it has to do something with location settings in
aws console
-
-
imrok about 3 yearsWhile running the CLI
aws configure
, I wasn't able to set the token. I had to manually copy the token inside the~/.aws/credentials
file from my application panel. -
Libertatem over 2 yearsI ran into a similar problem, and found the article very helpful. bobbyhadz.com/blog/… In my case, for some reason after setting up aws-cdk, my stack environment uses [default] user, which in my case was inactive.