为什么 Aws-vault 身份验证失败? 使用凭据获取帐户 ID 时出错:调用 sts:GetCallerIdentity: InvalidClientTokenId 时出错
[英]Why did Aws-vault auth failed? error using credentials to get account ID: error calling sts:GetCallerIdentity: InvalidClientTokenId
问题描述
I am using aws-vault to store my credenitals After running
我正在使用 aws-vault 来存储我的凭证运行后
docker-compose -f deploy/docker-compose.yml run --rm terraform init
I got error我有错误
Initializing the backend...
Error: error using credentials to get account ID: error calling sts:GetCallerIdentity: InvalidClientTokenId: The security token included in the request is invalid
status code: 403, request id: 6ee874fd-9f27-4923-a6ac-b605ae49879d
I checked again我又查了
aws-vault list
shows节目
brankovich brankovich sts.GetSessionToken:58m21s
My auth is valid for next 58 mins.我的身份验证在接下来的 58 分钟内有效。 My deploy/docer-compose.yml我的deploy/docer-compose.yml
version: '3.7'
services:
terraform:
image: hashicorp/terraform:0.12.21
volumes:
- .:/infra
working_dir: /infra
environment:
- AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}
- AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}
- AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN}
What is wrong?怎么了?
Account policies账户政策
1 个解决方案
解决方案1
0 2022-07-20 13:33:34
Some things won't work with aws-vault's temporary credentials.有些事情不适用于 aws-vault 的临时凭证。 Try to use the exec command and pass the parameter --no-session to use the original credentials:尝试使用exec命令并传递参数--no-session以使用原始凭据:
aws-vault exec brankovich --no-session -- docker-compose -f deploy/docker-compose.yml run --rm terraform init
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.