Getting "Signature expired" error using AWS CLI secretsmanager command on Ubuntu VM

0

I am trying to retrieve AWS secrets using the secretsmanager CLI command but am getting this error after the command just seems to hang for about 5-6 minutes:

An error occurred (InvalidSignatureException) when calling the GetSecretValue operation: Signature expired: 20240208T204704Z is now earlier than 20240208T204804Z (20240208T205304Z - 5 min.)

However, all other AWS CLI commands I have tried work fine on the VM such as aws sts get-caller-identity or aws s3 ls. I am able to retrieve the secret on my Mac which what the VM is running on and both my VM and Mac have identical ~/.aws/config and ~/.aws/credentials files.

I have checked my VMs datetime and it is correct and so is the timezone.

I also tried to reinstalled the AWS CLI but no luck.

Any ideas on why this command wont work on my VM?

1 Answer
1
  • Ensure that your Ubuntu VM is configured to use NTP (Network Time Protocol) to synchronize its clock with internet time servers. You can check if NTP is running and configured correctly with commands like timedatectl or by checking the NTP service status.
  • You can manually force a time synchronization using sudo ntpdate ntp.ubuntu.com or the appropriate command for your configured NTP service. This can help if your clock is slightly off but not visibly so.
  • Lastly, make sure you're running the latest version of the AWS CLI

If this has answered your question or was helpful, accepting the answer would be greatly appreciated. Thank you!

profile picture
EXPERT
answered 9 months ago
  • I have forced a time sync with sudo ntpdate ntp.ubuntu.com but no luck. However, timedatectl shows the correct time & day. Im currently on the latest AWS CLU (2.15.18).

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions