aws-samples/aws-cdk-pipelines-datalake-infrastructure

bootstrapping failed with error InvalidClientTokenId

baotran2207 opened this issue · 0 comments

baotran2207 commented

After filled configuration.py file, i tried to run ./lib/prerequisites/bootstrap_deployment_account.sh but it failed with below error

Branch:cdkv2
OS: Mac
Python: 3.9.8
CDK: 2.46.0 (build 5a0595e)

****858 : Development account
****858 : Dev account (same with development account)
****223 : Test account
****615 : Prod account

⏳  Bootstrapping environment aws://*****858/ap-east-1...
 ⏳  Bootstrapping environment aws://*****615/ap-east-1...
 ⏳  Bootstrapping environment aws://*****223/ap-east-1...
 ❌  Environment aws://*****223/ap-east-1 failed bootstrapping: Error: Need to perform AWS calls for account ******223, but the current credentials are for *******858
    at SdkProvider.forEnvironment (/Users/baotran/.npm-global/lib/node_modules/aws-cdk/lib/api/aws-auth/sdk-provider.ts:184:60)
    at Function.lookup (/Users/baotran/.npm-global/lib/node_modules/aws-cdk/lib/api/bootstrap/deploy-bootstrap.ts:31:18)
    at Bootstrapper.modernBootstrap (/Users/baotran/.npm-global/lib/node_modules/aws-cdk/lib/api/bootstrap/bootstrap-environment.ts:81:21)
    at /Users/baotran/.npm-global/lib/node_modules/aws-cdk/lib/cdk-toolkit.ts:626:24
    at async Promise.all (index 2)
    at CdkToolkit.bootstrap (/Users/baotran/.npm-global/lib/node_modules/aws-cdk/lib/cdk-toolkit.ts:623:5)
    at initCommandLine (/Users/baotran/.npm-global/lib/node_modules/aws-cdk/lib/cli.ts:357:12)
 ❌  Environment aws://****615/ap-east-1 failed bootstrapping: Error: Need to perform AWS calls for account ****6615, but the current credentials are for ******858
    at SdkProvider.forEnvironment (/Users/baotran/.npm-global/lib/node_modules/aws-cdk/lib/api/aws-auth/sdk-provider.ts:184:60)
    at Function.lookup (/Users/baotran/.npm-global/lib/node_modules/aws-cdk/lib/api/bootstrap/deploy-bootstrap.ts:31:18)
    at Bootstrapper.modernBootstrap (/Users/baotran/.npm-global/lib/node_modules/aws-cdk/lib/api/bootstrap/bootstrap-environment.ts:81:21)
    at /Users/baotran/.npm-global/lib/node_modules/aws-cdk/lib/cdk-toolkit.ts:626:24
    at async Promise.all (index 1)

Need to perform AWS calls for account *******223, but the current credentials are for *****858
 ❌  Environment aws://****858/ap-east-1 failed bootstrapping: InvalidClientTokenId: The security token included in the request is invalid.
    at Request.extractError (/Users/baotran/.npm-global/lib/node_modules/aws-sdk/lib/protocol/query.js:50:29)
    at Request.callListeners (/Users/baotran/.npm-global/lib/node_modules/aws-sdk/lib/sequential_executor.js:106:20)
    at Request.emit (/Users/baotran/.npm-global/lib/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
    at Request.emit (/Users/baotran/.npm-global/lib/node_modules/aws-sdk/lib/request.js:686:14)
    at Request.transition (/Users/baotran/.npm-global/lib/node_modules/aws-sdk/lib/request.js:22:10)
    at AcceptorStateMachine.runTo (/Users/baotran/.npm-global/lib/node_modules/aws-sdk/lib/state_machine.js:14:12)
    at /Users/baotran/.npm-global/lib/node_modules/aws-sdk/lib/state_machine.js:26:10
    at Request.<anonymous> (/Users/baotran/.npm-global/lib/node_modules/aws-sdk/lib/request.js:38:9)
    at Request.<anonymous> (/Users/baotran/.npm-global/lib/node_modules/aws-sdk/lib/request.js:688:12)
    at Request.callListeners (/Users/baotran/.npm-global/lib/node_modules/aws-sdk/lib/sequential_executor.js:116:18) {
  code: 'InvalidClientTokenId',
  time: 2022-10-14T04:11:56.215Z,
  requestId: '62a87b65-2421-42a7-bd2d-7bfd05f2f6d5',
  statusCode: 403,
  retryable: false,
  retryDelay: 25.6356976364817

I though this bootstrap development ls only access to Development account , why it tries to access other env accounts ?