
[BUG] Claude Code v1.0.27 with AWS Bedrock gives "API Error: 403 The security token included in the request is invalid."

Open msmygit opened this issue 6 months ago • 7 comments

Environment

  • Platform (select one):
    • [ ] Anthropic API
    • [x] AWS Bedrock
    • [ ] Google Vertex AI
    • [ ] Other:
  • Claude CLI version:
% claude update
Current version: 1.0.27
Checking for updates...
Claude Code is up to date (1.0.27)
  • Operating System: macOS 15.3.2
  • Terminal: Terminal App

Bug Description

I've followed https://docs.anthropic.com/en/docs/claude-code/amazon-bedrock and have set up Claude to use AWS Bedrock. It suddenly started failing with API Error: 403 The security token included in the request is invalid.

I've the following environment variables set,

export CLAUDE_CODE_USE_BEDROCK=1
export DISABLE_PROMPT_CACHING=1
# Using inference profile ID
export ANTHROPIC_MODEL='us.anthropic.claude-3-7-sonnet-20250219-v1:0'
export ANTHROPIC_SMALL_FAST_MODEL='us.anthropic.claude-3-5-haiku-20241022-v1:0'
export AWS_REGION='us-east-1'

My AWS IAM user has the following permissions,

MarketplaceBedrockPolicy:
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "MarketplaceBedrock",
            "Effect": "Allow",
            "Action": [
                "aws-marketplace:ViewSubscriptions",
                "aws-marketplace:Unsubscribe",
                "aws-marketplace:Subscribe"
            ],
            "Resource": "*"
        }
    ]
}

AmazonBedrockFullAccess:
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "BedrockAll",
            "Effect": "Allow",
            "Action": [
                "bedrock:*"
            ],
            "Resource": "*"
        },
        {
            "Sid": "DescribeKey",
            "Effect": "Allow",
            "Action": [
                "kms:DescribeKey"
            ],
            "Resource": "arn:*:kms:*:::*"
        },
        {
            "Sid": "APIsWithAllResourceAccess",
            "Effect": "Allow",
            "Action": [
                "iam:ListRoles",
                "ec2:DescribeVpcs",
                "ec2:DescribeSubnets",
                "ec2:DescribeSecurityGroups"
            ],
            "Resource": "*"
        },
        {
            "Sid": "MarketplaceModelEndpointMutatingAPIs",
            "Effect": "Allow",
            "Action": [
                "sagemaker:CreateEndpoint",
                "sagemaker:CreateEndpointConfig",
                "sagemaker:CreateModel",
                "sagemaker:DeleteEndpoint",
                "sagemaker:UpdateEndpoint"
            ],
            "Resource": [
                "arn:aws:sagemaker:*:*:endpoint/*",
                "arn:aws:sagemaker:*:*:endpoint-config/*",
                "arn:aws:sagemaker:*:*:model/*"
            ],
            "Condition": {
                "StringEquals": {
                    "aws:CalledViaLast": "bedrock.amazonaws.com",
                    "aws:ResourceTag/sagemaker-sdk:bedrock": "compatible"
                }
            }
        },
        {
            "Sid": "MarketplaceModelEndpointAddTagsOperations",
            "Effect": "Allow",
            "Action": [
                "sagemaker:AddTags"
            ],
            "Resource": [
                "arn:aws:sagemaker:*:*:endpoint/*",
                "arn:aws:sagemaker:*:*:endpoint-config/*",
                "arn:aws:sagemaker:*:*:model/*"
            ],
            "Condition": {
                "ForAllValues:StringEquals": {
                    "aws:TagKeys": [
                        "sagemaker-sdk:bedrock",
                        "bedrock:marketplace-registration-status",
                        "sagemaker-studio:hub-content-arn"
                    ]
                },
                "StringLike": {
                    "aws:RequestTag/sagemaker-sdk:bedrock": "compatible",
                    "aws:RequestTag/bedrock:marketplace-registration-status": "registered",
                    "aws:RequestTag/sagemaker-studio:hub-content-arn": "arn:aws:sagemaker:*:aws:hub-content/SageMakerPublicHub/Model/*"
                }
            }
        },
        {
            "Sid": "MarketplaceModelEndpointDeleteTagsOperations",
            "Effect": "Allow",
            "Action": [
                "sagemaker:DeleteTags"
            ],
            "Resource": [
                "arn:aws:sagemaker:*:*:endpoint/*",
                "arn:aws:sagemaker:*:*:endpoint-config/*",
                "arn:aws:sagemaker:*:*:model/*"
            ],
            "Condition": {
                "ForAllValues:StringEquals": {
                    "aws:TagKeys": [
                        "sagemaker-sdk:bedrock",
                        "bedrock:marketplace-registration-status",
                        "sagemaker-studio:hub-content-arn"
                    ]
                },
                "StringLike": {
                    "aws:ResourceTag/sagemaker-sdk:bedrock": "compatible",
                    "aws:ResourceTag/bedrock:marketplace-registration-status": "registered",
                    "aws:ResourceTag/sagemaker-studio:hub-content-arn": "arn:aws:sagemaker:*:aws:hub-content/SageMakerPublicHub/Model/*"
                }
            }
        },
        {
            "Sid": "MarketplaceModelEndpointNonMutatingAPIs",
            "Effect": "Allow",
            "Action": [
                "sagemaker:DescribeEndpoint",
                "sagemaker:DescribeEndpointConfig",
                "sagemaker:DescribeModel",
                "sagemaker:ListTags"
            ],
            "Resource": [
                "arn:aws:sagemaker:*:*:endpoint/*",
                "arn:aws:sagemaker:*:*:endpoint-config/*",
                "arn:aws:sagemaker:*:*:model/*"
            ],
            "Condition": {
                "StringEquals": {
                    "aws:CalledViaLast": "bedrock.amazonaws.com"
                }
            }
        },
        {
            "Sid": "MarketplaceModelEndpointInvokingOperations",
            "Effect": "Allow",
            "Action": [
                "sagemaker:InvokeEndpoint",
                "sagemaker:InvokeEndpointWithResponseStream"
            ],
            "Resource": [
                "arn:aws:sagemaker:*:*:endpoint/*"
            ],
            "Condition": {
                "StringEquals": {
                    "aws:CalledViaLast": "bedrock.amazonaws.com",
                    "aws:ResourceTag/sagemaker-sdk:bedrock": "compatible"
                }
            }
        },
        {
            "Sid": "DiscoveringMarketplaceModel",
            "Effect": "Allow",
            "Action": [
                "sagemaker:DescribeHubContent"
            ],
            "Resource": [
                "arn:aws:sagemaker:*:aws:hub-content/SageMakerPublicHub/Model/*",
                "arn:aws:sagemaker:*:aws:hub/SageMakerPublicHub"
            ]
        },
        {
            "Sid": "AllowMarketplaceModelsListing",
            "Effect": "Allow",
            "Action": [
                "sagemaker:ListHubContents"
            ],
            "Resource": "arn:aws:sagemaker:*:aws:hub/SageMakerPublicHub"
        },
        {
            "Sid": "PassRoleToSageMaker",
            "Effect": "Allow",
            "Action": [
                "iam:PassRole"
            ],
            "Resource": [
                "arn:aws:iam::*:role/*SageMaker*ForBedrock*"
            ],
            "Condition": {
                "StringEquals": {
                    "iam:PassedToService": [
                        "sagemaker.amazonaws.com",
                        "bedrock.amazonaws.com"
                    ]
                }
            }
        },
        {
            "Sid": "PassRoleToBedrock",
            "Effect": "Allow",
            "Action": [
                "iam:PassRole"
            ],
            "Resource": "arn:aws:iam::*:role/*AmazonBedrock*",
            "Condition": {
                "StringEquals": {
                    "iam:PassedToService": [
                        "bedrock.amazonaws.com"
                    ]
                }
            }
        }
    ]
}

Steps to Reproduce

  1. See above

Expected Behavior

Claude code just works fine!

Actual Behavior

% claude
╭────────────────────────────────────────────────────────────────────────────╮
│ ✻ Welcome to Claude Code!                                                  │
│                                                                            │
│   /help for help, /status for your current setup                           │
│                                                                            │
│   cwd: /Users/first.last/Documents/Data/03_coderepos/my-project  │
│                                                                            │
│   ──────────────────────────────────────────────────────────────────────── │
│                                                                            │
│   Overrides (via env):                                                     │
│                                                                            │
│   • Prompt caching: off                                                    │
╰────────────────────────────────────────────────────────────────────────────╯


 ※ Tip: Press Esc twice to edit your previous messages

> given the report '/Users/first.last/Downloads/report_3163462.pdf', make the appropriate fixes in the project to help avoid this vulnerabilities
  ⎿  API Error: 403 The security token included in the request is invalid.

> /exit 
  ⎿  (no content)

╭────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮
│ >                                                                                                                                                                                                      │
╰────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯
  ? for shortcuts



Total cost:            $0.0000
Total duration (API):  0s
Total duration (wall): 18.9s
Total code changes:    0 lines added, 0 lines removed
Tokens:                0 input, 0 output, 0 cache read, 0 cache write

Additional Context

msmygit avatar Jun 18 '25 14:06 msmygit

@levpopov I did try to update to latest 1.29 as of this morning, but the problem still exists,

% claude update
Current version: 1.0.27
Checking for updates...
New version available: 1.0.29 (current: 1.0.27)
Installing update...
Using global installation update method...
Successfully updated from 1.0.27 to version 1.0.29

and here is the /status output,

Claude Code Status v1.0.29

  L Session ID: ec3bb27c-2aa0-47a2-a346-0e082cfff443

 Working Directory 
  L /Users/first.last/Documents/repo

 API Configuration 
  L API Provider: AWS Bedrock
  L AWS Region: us-east-1

 Memory • /memory
  L user: ~/.claude/CLAUDE.md

 Model • /model
  L us.anthropic.claude-3-7-sonnet-20250219-v1:0


 Press Enter to continue…

msmygit avatar Jun 19 '25 13:06 msmygit

Same problem with today's update too,

% claude update
Current version: 1.0.29
Checking for updates...
New version available: 1.0.30 (current: 1.0.29)
Installing update...
Using global installation update method...
Successfully updated from 1.0.29 to version 1.0.30

msmygit avatar Jun 20 '25 12:06 msmygit

@ant-kurt could you please see the above and let me know what I might be missing here which caused this sudden seizure of this setup working. Thank you in advance!

msmygit avatar Jun 20 '25 14:06 msmygit

@msmygit how are you authenticating to Bedrock? This 403 indicates your credentials are expired, and you'll need to run something like aws configure, aws sso login, or set new AWS_* environment variables again.

ant-kurt avatar Jun 20 '25 21:06 ant-kurt

@ant-kurt I've done aws configure and have a profile named bedrock and I can see it under ~/.aws/credentials file too.

~/.aws/config file has,

[profile bedrock]
region = us-east-1
output = json

and ~/.aws/credentials has,

[bedrock]
aws_access_key_id=REDACTED
aws_secret_access_key=REDACTED

fwiw, aws-cli/2.25.7 Python/3.12.9 Darwin/24.3.0 exe/x86_64

msmygit avatar Jun 20 '25 22:06 msmygit

Hmm - are you passing AWS_PROFILE=bedrock to Claude Code as well?

ant-kurt avatar Jun 20 '25 23:06 ant-kurt

Thank you, this works now! But, definitely this is a new change in behavior that is not captured in the docs.

msmygit avatar Jun 21 '25 12:06 msmygit

Hmm - I don't think we've made any changes to the AWS auth flow here, in that we require either an AWS_PROFILE with relevant .aws entries, or AWS_ACCESS_KEY_ID + AWS_SECRET_ACCESS_KEY etc. Let me know if you run into any other issues.

ant-kurt avatar Jun 24 '25 18:06 ant-kurt
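
A pre-flight check for the mismatch resolved above (a named profile on disk that nothing in the environment selects), added here as an example; it is not part of the thread or of Claude Code. The function names and verdict strings are hypothetical, and the logic is a simplified check rather than the AWS SDK's own credential resolution.

```shell
#!/usr/bin/env bash
# Added example: simplified pre-flight check, not the AWS SDK's own resolver.
# Prints a verdict only; secret values are never read into variables or echoed.

# Print the section names ("[name]" headers) of an INI-style file.
ini_sections() {
  [ -f "$1" ] || return 0
  sed -n 's/^\[\(.*\)\]$/\1/p' "$1"
}

# True if profile $1 is defined in credentials file $2 or config file $3.
profile_defined() {
  section="profile $1"; [ "$1" = default ] && section=default
  ini_sections "$2" | grep -qxF -- "$1" && return 0
  ini_sections "$3" | grep -qxF -- "$section"
}

# aws_cred_source [CREDENTIALS_FILE] [CONFIG_FILE]  (hypothetical helper)
aws_cred_source() {
  creds="${1:-${AWS_SHARED_CREDENTIALS_FILE:-$HOME/.aws/credentials}}"
  config="${2:-${AWS_CONFIG_FILE:-$HOME/.aws/config}}"
  env_keys=""
  [ -n "${AWS_ACCESS_KEY_ID:-}" ] && [ -n "${AWS_SECRET_ACCESS_KEY:-}" ] && env_keys=1
  if [ -n "${AWS_PROFILE:-}" ]; then
    if ! profile_defined "$AWS_PROFILE" "$creds" "$config"; then
      echo "profile-missing:$AWS_PROFILE"            # selected profile not on disk
    elif [ -n "$env_keys" ]; then
      echo "conflict:env-keys+profile:$AWS_PROFILE"  # ambiguous: two sources set
    else
      echo "profile:$AWS_PROFILE"
    fi
  elif [ -n "$env_keys" ]; then
    echo "env-keys"
  elif profile_defined default "$creds" "$config"; then
    echo "default-profile"
  else
    # Named profiles exist but nothing selects one: the situation in this thread.
    named=$(ini_sections "$creds" | tr '\n' ',' | sed 's/,$//')
    echo "unselected:${named:-none}"
  fi
}

# Constructed sample mirroring the files shown in the thread (placeholder keys).
demo=$(mktemp -d)
printf '[bedrock]\naws_access_key_id=PLACEHOLDER\naws_secret_access_key=PLACEHOLDER\n' >"$demo/credentials"
printf '[profile bedrock]\nregion = us-east-1\noutput = json\n' >"$demo/config"
( unset AWS_PROFILE AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY
  aws_cred_source "$demo/credentials" "$demo/config"                         # unselected:bedrock
  AWS_PROFILE=bedrock aws_cred_source "$demo/credentials" "$demo/config" )   # profile:bedrock
rm -rf "$demo"
```
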

@ant-kurt I am seeing the same error, but on a Modal container.

Wondering if you have any thoughts, or should I try to check with the Modal team.

SystemMessage(subtype='init', data={'type': 'system', 'subtype': 'init', 'cwd': '/tmp', 'session_id': '89c7a90a-b2b9-4a4e-a599-8bd29912d963', 'tools': ['Task', 'Bash', 'Glob', 'Grep', 'LS', 'ExitPlanMode', 'Read', 'Edit', 'MultiEdit', 'Write', 'NotebookRead', 'NotebookEdit', 'WebFetch', 'TodoWrite'], 'mcp_servers': [], 'model': 'claude-sonnet-4-20250514', 'permissionMode': 'default', 'apiKeySource': 'ANTHROPIC_API_KEY'})

  | AssistantMessage(content=[TextBlock(text='API Error: 403 The security token included in the request is invalid.')]) ResultMessage(subtype='success', duration_ms=181053, duration_api_ms=0, is_error=True, num_turns=1, session_id='89c7a90a-b2b9-4a4e-a599-8bd29912d963', total_cost_usd=0, usage={'input_tokens': 0, 'cache_creation_input_tokens': 0, 'cache_read_input_tokens': 0, 'output_tokens': 0, 'server_tool_use': {'web_search_requests': 0}, 'service_tier': 'standard'}, result='API Error: 403 The security token included in the request is invalid.')

345ishaan avatar Jul 26 '25 18:07 345ishaan

This issue has been automatically locked since it was closed and has not had any activity for 7 days. If you're experiencing a similar issue, please file a new issue and reference this one if it's relevant.

github-actions[bot] avatar Aug 03 '25 14:08 github-actions[bot]