aws-sam-cli: sam local start-api invoke lambda unable to access DynamoDB, the error message showed "The security token included in the request is invalid ".

Description

Before sam local version 0.52.0 everything works fine.Sam local environment can request data from cloud dynamodb. After I upgraded my sam local version to 1.0.0. When I debug my code in sam local environment. I got an error

"com.amazonaws.services.dynamodbv2.model.AmazonDynamoDBException: The security token included in the request is invalid (Service: AmazonDynamoDBv2; Status Code: 400; Error Code: UnrecognizedClientException "

I can request data from dynamoDB with Java main function, so I have enough permission to request data from the dynamodb with ~/.aws/credentials (default)

I had test the same project and the same credentials in another PC with sam local 0.18.0, everything is fine.

Steps to reproduce

sam local start-api --host 127.0.0.1 -p 3000 --profile default

Observed result

sam local api start running after I run the command “sam local start-api --host 127.0.0.1 -p 3000 --profile default”. But when lambda need to reqeust data from dynamoDB, There is an error"The security token included in the request is invalid"

Expected result

sam local should get data from cloud dynamoDB.

Additional environment details (Ex: Windows, Mac, Amazon Linux etc)

  1. OS: Ubuntu 18.04 LTS
  2. sam --version: 1.0.0

sam local start-api --host 127.0.0.1 -p 3000 --profile default

About this issue

  • Original URL
  • State: closed
  • Created 4 years ago
  • Reactions: 2
  • Comments: 28 (5 by maintainers)

Most upvoted comments

I am still getting this issue on SAM CLI, version 1.23.0. I have tried uninstalling and reinstalling the sam cli, but with no success. any suggestions?

Can we please update the issue description? This is not a specific problem with DynamoDB, but a generic key ingestion problem on the SAM container.

hi, @Ghilteras ,

It would be thankful if you could update the description. Please give some advice for the description.

We tracked down the issue and it is only happening in java8 images. java11 or new java8.al2 images doesn’t have this bug. We are currently working on fixing it and release new version of the image. Sorry for the inconvenience.

About downgrading the SAM CLI, I tried to follow couple of brew documents, but I wasn’t able to install specific version.

thanks, with java11 manage to test aws tool kit and debug works now. I can use this until is fixed.