Troubleshooting and Fix the Terraform AWS InvalidClientTokenId Error

Guidelines for Troubleshooting and Correcting AWS Provider Authentication Issues

Introduction

When encountering an error with terraform apply that points to an issue with the AWS Provider, particularly a 403 error code stating "InvalidClientTokenId: The security token included in the request is invalid," it suggests a problem with the AWS credentials or their configuration in Terraform. This error prevents Terraform from authenticating with AWS services, halting any infrastructure provisioning or management tasks. Let's explore the causes of this error and how to resolve it.

Understanding the Error

The error message:

╷
│ Error: configuring Terraform AWS Provider: validating provider credentials: retrieving caller identity from STS: operation error STS: GetCallerIdentity, https response error StatusCode: 403, RequestID: 0436b226-7032-4afc-8fd2-6ba42f6c0c76, api error InvalidClientTokenId: The security token included in the request is invalid.
│ 
│   with provider["registry.terraform.io/hashicorp/aws"],
│   on main.tf line 11, in provider "aws":
│   11: provider "aws" {
│ 
╵