
Error: error configuring Terraform AWS Provider:

error validating provider credentials: error calling sts:GetCallerIdentity: operation error STS: GetCallerIdentity, https response error StatusCode: 403, RequestID: 95e52463-8cd7-038-b924-3a5d4ad6ef03, api error InvalidClientTokenId: The security token included in the request is invalid. with provider["registry.terraform.io/hashicorp/aws"], on provider.tf line 1, in provider "aws": 1: provider "aws" {

I have only two files.

  1. instance.tf

    resource "aws_instance" "web" {
      ami           = "ami-068257025f72f470d"
      instance_type = "t2.micro"

      tags = {
        Name = "instance_using_terraform"
      }
    }

  2. provider.tf

    provider "aws" {
      region     = "ap-east-1"
      access_key = "xxxx"
      secret_key = "xxxx/xxx+xxx"
    }

error image is here

7 Answers


  1. Chosen as BEST ANSWER

    I made a mistake in the region: I entered the wrong region code. Also, the '+' and '/' symbols in the access key / secret key were generating the error; you just need to try a new key until the access key contains only an alphabetical string. (Symbols are lmao).


  2. Check the .aws folder (config file).
    Try this:

    aws sts get-caller-identity
    
    {
        "UserId": "AIDAYMYFUCQM7K2RD9DDD",
        "Account": "111147549871",
        "Arn": "arn:aws:iam::111147549871:user/myself"
    }
    

    Also show us your main.tf file and where and how you define access.

  3. In my test environment I was using the root user's access key and secret access key, which did not work. After creating a dedicated user the error did not occur anymore.

    In detail I did the following steps:

    Created a user called terraform here
    Created a new group Administrators with attached permissions Administrator Access by following the wizard
    Copied access key and secret access key to ~/.aws/credentials

    [default]
    aws_access_key_id=xxx
    aws_secret_access_key=xxx

    Created ~/.aws/config

    [default]
    region=us-west-2

  4. Maybe the region you passed to aws configure is different from your Terraform provider region,
    e.g. us-east-1 in aws configure, us-east-1a in the Terraform provider region.

    Please change those regions to be the same.

  5. In case anyone comes across this issue, I found that the workspace I was working in had environment variables set in Terraform Cloud for the AWS credentials. These were taking precedence over my local credentials and needed to be refreshed.

  6. In my case this issue is because your system date/time is wrong.

    I set the time on my CentOS 8 OS with the following commands:

    timedatectl status
    timedatectl set-time HH:MM:SS

    It will throw an error saying
    "Failed to set time: NTP unit is active" if you have already set up the NTP service on your machine.

    sudo timedatectl set-local-rtc true
    sudo timedatectl set-ntp false
    sudo timedatectl set-time "yyyy-MM-dd hh:mm:ss"
    timedatectl list-timezones
    sudo timedatectl set-timezone Europe/Zagreb
    sudo timedatectl set-ntp yes

  7. Make sure to use the default region specified for your AWS IAM account

    provider "aws" {
      region     = "eu-north-1" # < --- here 
      access_key = "**************"
      secret_key = "**************"
    }
    
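The answers above name three places the provider can get its keys from: the provider block, environment variables (such as those set in a Terraform Cloud workspace) and ~/.aws/credentials. The script below is an added example, not code from any of the posts; it reports which of those would be picked up first without printing a secret. The function name `cred_source` and its output labels are made up for illustration, and the precedence it assumes is provider block, then environment, then shared credentials file.

```shell
#!/usr/bin/env bash
# Added example (not from the thread): find the credential source that wins.
# Assumed precedence: provider block > environment > shared credentials file.

# cred_source TF_DIR CREDS_FILE [PROFILE]
# Prints provider-block, environment, shared-file or none (exit 1 on none).
cred_source() {
  local tf_dir=$1 creds_file=$2 profile=${3:-default}

  # 1. Literal access_key/secret_key strings in a .tf file override the rest
  #    (and end up in version control, so they are worth flagging anyway).
  if grep -Eqs '^[[:space:]]*(access_key|secret_key)[[:space:]]*=[[:space:]]*"' \
       "$tf_dir"/*.tf; then
    echo provider-block; return 0
  fi

  # 2. Environment variables; stale values here shadow the local files.
  if [ -n "${AWS_ACCESS_KEY_ID:-}" ] && [ -n "${AWS_SECRET_ACCESS_KEY:-}" ]; then
    echo environment; return 0
  fi

  # 3. Shared credentials file: the profile section must hold both keys,
  #    spelled with underscores, under a [profile] header.
  if [ -r "$creds_file" ] && awk -v want="[$profile]" '
       /^\[/ { in_sec = ($0 == want) }
       in_sec && /^[[:space:]]*aws_access_key_id[[:space:]]*=/     { id = 1 }
       in_sec && /^[[:space:]]*aws_secret_access_key[[:space:]]*=/ { key = 1 }
       END { exit !(id && key) }' "$creds_file"; then
    echo shared-file; return 0
  fi

  echo none; return 1
}

# Check the current directory against the usual credentials file location.
cred_source . "${AWS_SHARED_CREDENTIALS_FILE:-${HOME:-}/.aws/credentials}" || true
```

Whatever source it reports is the one to compare against the output of `aws sts get-caller-identity`.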