[AWS::Kinesis::Stream] - [BUG] - Cannot deploy stream with enhanced shard-level monitorings

[badmintoncryer]

trafficstars

Name of the resource

AWS::Kinesis::Stream

Resource Name

No response

Issue Description

I couldn't deploy Kinesis stream with enhanced shard-level monitoring.

Expected Behavior

Successfully deploying a stream.

Observed Behavior

Results

kinesis-stream-shard-level-monitoring-stack | 10:43:36 PM | CREATE_FAILED        | AWS::Kinesis::Stream       | SimpleStream (SimpleStream4F8E3AC9) Resource handler returned message: "The security token included in the request is invalid (Service: Kinesis, Status Code: 400, Request ID: fd7a03c2-696a-d181-9dfe-418ae569d5cb, Extended Request ID: UqLVxtKBlT7KPBQIBGF5dU06QmNTGb/QCbkStdXoKVPGBGQ34lUwr2WRJ7dWfvKnozulbR1y4BdjlSF/NFYtJBFjE+0MkqX4) (SDK Attempt Count: 1)" (RequestToken: b77ca447-8613-b07e-20b5-caac9cd94080, HandlerErrorCode: GeneralServiceException)

Test Cases

Template

{
  "Resources": {
    "SimpleStream": {
      "Type": "AWS::Kinesis::Stream",
      "Properties": {
        "RetentionPeriodHours": 24,
        "ShardCount": 1,
        "DesiredShardLevelMetrics": [
          "IncomingBytes"
        ]
      },
      "UpdateReplacePolicy": "Retain",
      "DeletionPolicy": "Retain"
    }
  }
}

Other Details

I have tried several patterns of DesiredShardLevelMetrics and all patterns result in the same error.

• set only IncomingBytes
• set only ALL
• set [ "IncomingBytes", "IncomingRecords", "IteratorAgeMilliseconds", "OutgoingBytes", "OutgoingRecords", "WriteProvisionedThroughputExceeded", "ReadProvisionedThroughputExceeded" ]