Please tell me how to resolve the InvalidClientTokenId error that occurred with a request in AWS CLI

日本語版はこちら

The issue

When I made a request to the AWS service API from AWS CLI, the following error occurred.

An error occurred (InvalidClientTokenId) when calling the {API Name} operation: The security token included in the request is invalid.

Please tell me the cause of the above error and the solution.

The solution

The "InvalidClientTokenId" error occurs when the "aws_access_key_id" in the credentials file is invalid.
Therefore, please check if the "aws_access_key_id" is correct, and if it is incorrect, please reconfigure it.

The credentials file is located at the following path by default:

• On Windows

  C:Usersusername.awscredentials
  

• On Mac/Linux

  ~/.aws/credentials
  

In some cases, you may need to clear the AWS CLI cache after setting the correct 'aws_access_key_id'.
To clear the cache, please execute the following command.

• On Windows

  C:> del /s /q %UserProfile%.awsclicache
  

• On Mac/Linux

  $ rm -r ~/.aws/cli/cache
  

After completing the above steps, please execute a request from the AWS CLI again to check if the error has been resolved.

References

• Configure the AWS CLI - AWS Command Line Interface
• Using AWS Credentials - AWS Tools for PowerShell
• Revoking IAM role temporary security credentials - AWS Identity and Access Management