Security token error while starting up BE Inference engine using Kinesis Channel

Security token error while starting up BE Inference engine using Kinesis Channel

book

Article ID: KB0075016

calendar_today

Updated On:

Products Versions
TIBCO BusinessEvents Enterprise Edition 5.6.1

Description

Following Error was seen when starting BE inference agent using AWS Kinesis Channels.
  
Error [inference-producer.HiResTimer] - [custom.channel] [inference-producer] Destination:Exception occured while invoking send on destination : [/Channels/KinesisChannel/Stockdest]
com.amazonaws.services.kinesis.model.AmazonKinesisException: The security token included in the request is invalid. (Service: AmazonKinesis; Status Code: 400; Error Code: UnrecognizedClientException; Request ID: cf8fbd89-15ef-5e64-98bc-d604eb0424ef)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleErrorResponse(AmazonHttpClient.java:1695)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeOneRequest(AmazonHttpClient.java:1350)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:1101)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:758)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:732)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:714)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$500(AmazonHttpClient.java:674)
at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:656)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:520)
at com.amazonaws.services.kinesis.AmazonKinesisClient.doInvoke(AmazonKinesisClient.java:2803)
at com.amazonaws.services.kinesis.AmazonKinesisClient.invoke(AmazonKinesisClient.java:2772)
at com.amazonaws.services.kinesis.AmazonKinesisClient.invoke(AmazonKinesisClient.java:2761)
at com.amazonaws.services.kinesis.AmazonKinesisClient.executePutRecord(AmazonKinesisClient.java:2009)
at com.amazonaws.services.kinesis.AmazonKinesisClient.putRecord(AmazonKinesisClient.java:1980)
at com.tibco.cep.driver.kinesis.KinesisDestination.send(KinesisDestination.java:112)
at com.tibco.be.custom.channel.framework.CustomDestination.send(CustomDestination.java:118)
at com.tibco.cep.runtime.channel.impl.ChannelManagerImpl.sendEvent(ChannelManagerImpl.java:178)
at com.tibco.cep.runtime.channel.impl.ChannelManagerImpl.sendEvent(ChannelManagerImpl.java:161)
at com.tibco.be.functions.event.EventHelper.sendEvent_Impl(SourceFile:132)
at com.tibco.be.functions.event.EventHelper.sendEvent(SourceFile:112)
at be.gen.Rules.SendRecordRule$SendRecordRule_a.execute(SendRecordRule.java:50)
at com.tibco.cep.kernel.core.rete.ReteWM.resolveConflict(SourceFile:401)
at com.tibco.cep.kernel.core.rete.ReteWM.void(SourceFile:377)
at com.tibco.cep.kernel.core.rete.ReteWM.fireRepeatEvent(SourceFile:2208)
at com.tibco.cep.runtime.service.time.BETimeManager$RepeatTimeEventTask.execute(BETimeManager.java:280)
at com.tibco.cep.kernel.helper.HiResTimer$HiResTimerThread.a(SourceFile:287)
at com.tibco.cep.kernel.helper.HiResTimer$HiResTimerThread.run(SourceFile:224)

Issue/Introduction

Error (com.amazonaws.services.kinesis.model.AmazonKinesisException: The security token included in the request is invalid) while starting up BE Inference engine using Kinesis Channel

Environment

All

Resolution

There could be multiple reasons for the given error.
1.) Check if Access Key/Secret Key/Profile Name specified in the BE "Kinesis Channel Properties" section are valid. 
2.) If one is using Temporary Security Credentials & for that they need to have AWS_SESSION_TOKEN i.e. session token as well to be passed. This session token can be added under ~/.aws/credentials (AWS Shared Credentials file)

Additional Information

https://docs.aws.amazon.com/cli/latest/topic/config-vars.html
Powered by Wolken Software