Category Archives: AWS

An error occurred (UnrecognizedClientException) when calling the CreateFunction operation: The security token included in the request is invalid.

Hi everyone,

I ran into the following error today while attempting to create a Lambda function using the CLI:

An error occurred (UnrecognizedClientException) when calling the CreateFunction operation: The security token included in the request is invalid.

The first thing to check is that your aws config is setup correctly. For me this is under c:\users\chris-pc\.aws\.

If that looks fine, double check that the associated user has the correct rights by viewing the IAM page in the server console: https://console.aws.amazon.com/iam/home

Finally, ensure that the user has programmatic access and that the keys match those in your config.

FAILED. Reason: Requires capabilities : [CAPABILITY_IAM] – AWS SAM

Hi everyone,

I ran into an error today while trying to deploy using AWS SAM:

aws cloudformation deploy –template-file C:\Users\xxx\serverless-output.yaml –stack-name events-app
Failed to create the changeset: Waiter ChangeSetCreateComplete failed: Waiter encountered a terminal failure state Status: FAILED. Reason: Requires capabilities : [CAPABILITY_IAM]

The solution is pretty straightforward. You need to explicitly add –capabilities CAPABILITY_IAM to you command:

aws cloudformation deploy --template-file C:\Users\xxx\serverless-output.yaml --stack-name events-app --capabilities CAPABILITY_IAM>

Thanks to Bfreis for his comment on this github issue: https://github.com/awslabs/serverless-application-model/issues/51

Serverless Offline Error – sls offline start

Hi everyone,

I ran into the following error while trying to start serverless offline:

serverles events.js:160
throw er Unhandled ‘error’ event spawn java ENOENT at exports._errnoException (util.js:1020:11) at Process.ChildProcess._handle.onexit (internal/child_process.js:197:32) at onErrorNT (internal/child_process.js:376:16) at _combinedTickCallback (internal/process/next_tick.js:80:11) at process._tickDomainCallback (internal/process/next_tick.js:128:9)

Solution
It turned out to be because I didn’t have the Java JDK installed.

I expect you’ll have the same problem if the command prompt doesn’t have access to the JAVA_HOME variable or if your JAVA_HOME path isn’t set correctly.

AWS CLI Copy from Bucket – An error occurred (AccessDenied) when calling the CopyObject operation: Access Denied

Hi everyone,

I ran into the following error while trying to copy files from one bucket to another using the AWS CLI:

An error occurred (AccessDenied) when calling the CopyObject operation: Access Denied

Thankfully this one is pretty self-explanatory. My user was missing the permissions required to view the bucket.

To see your user: aws configure list
To add permissions: view the IAM Management Console

Thanks,
Chris

AWS CLI Copy to Bucket – Could not connect to the endpoint URL

Hi everyone,

I ran into the following error while attempting to copy files to a bucket via the AWS CLI:

Could not connect to the endpoint URL: “https://wildrydes-us-east-1.s3.wildrydesxxxx.amazonaws.com/?prefix=WebApplication%2F1_StaticWebHosting%2Fwebsite%2F&encoding-type=url”

The solution turned out to be pretty straight-forward. The region on the cli-config was set incorrectly. For example, mine was set to “Sydney” instead of “ap-southeast-2”. Type “aws configure list” to check what yours is set to.

Thanks to the following stackoverflow post for the info: https://stackoverflow.com/a/40411174/522859

Unable to Access RDS Database from Elastic Beanstalk Application

Hey everyone,

I ran into a bit of an issue today where I was unable to access my RDS SQL Express instance from my .NET Elastic Beanstalk instance. I was receiving the following error:

  1. The server was not found or was not accessible.

The solution turned out to be fairly simply thanks to this StackOverflow post: http://stackoverflow.com/a/33207022/522859

Get your server instance security group:
– Log into AWS
– Navigate to elastic beanstalk
– Open your application instance
– Open configuration
– Open instances
– Find “server” on the page and copy the value in the “EC2 security groups” field

Add your server instance security group to your rds rules:
– Navigate to the RDS Dashboard
– Open your RDS instance
– Click on view details (left hand side or top)
– Find Security and Network
– Click on the rds-launch-wizard under security groups
– Click on inbound rules (very bottom currently)
– Add a new inbound rule with the copied security group as the source