I'm getting a weird error where I try to run an AWS CLI command. For example:
pierre@HAL9000:~# aws sts get-caller-identity
An error occurred (SignatureDoesNotMatch) when calling the GetCallerIdentity operation: Signature expired: 20230822T072529Z is now earlier than 20230822T193257Z (20230822T194757Z - 15 min.)
I updated to the latest AWS CLI version, no dice. I also made sure that my ~/.aws/credential and ~/.aws/config had correct keys. I checked on my other machine, and the same exact config and credentials worked on my other machine.
I found this page that tries to described what the error means: https://docs.aws.amazon.com/IAM/latest/UserGuide/signature-v4-troubleshooting.html
But still not very clear to me... Any ideas what's wrong here?!
I found the issue. My system clock was wrong. To give even more details, this was on Windows WSL2 (the Linux subsystem's clock got out of sync with the host time, suposedly a known issue with WSL2...). Not that it matters why the system clock was out of date, but it was out of date. Once I fixed that, I can run my AWS CLI commands just fine again:
pierre@HAL9000:/root$ date
Tue Aug 22 03:31:45 EDT 2023 <-- uho, this is the wrong time!
pierre@HAL9000:/root$ sudo hwclock -s
[sudo] password for pierre:
pierre@HAL9000:/root$ date
Tue Aug 22 15:54:45 EDT 2023 <-- yay, that's the correct time!
pierre@HAL9000:/root$ aws sts get-caller-identity
{
"UserId": "lol-I-removed-that-part",
"Account": "lol-I-removed-that-part-too",
"Arn": "arn:aws:iam::MYACCOUNTNUM:user/Pierre"
}
So, yeah, that error message pretty much said what my problem was: AWS got pretty much confused by some expiration date that didn't compute with my system date/time...