[BUG] Claude Code v1.0.27 with AWS Bedrock gives "API Error: 403 The security token included in the request is invalid."
Resolved 💬 10 comments Opened Jun 18, 2025 by msmygit Closed Jun 24, 2025
Environment
- Platform (select one):
- [ ] Anthropic API
- [x] AWS Bedrock
- [ ] Google Vertex AI
- [ ] Other: <!-- specify -->
- Claude CLI version:
% claude update
Current version: 1.0.27
Checking for updates...
Claude Code is up to date (1.0.27)
- Operating System:
macOS 15.3.2 - Terminal:
Terminal App
Bug Description
I've followed https://docs.anthropic.com/en/docs/claude-code/amazon-bedrock and have setup claude to use aws bedrock. It suddenly started failing with API Error: 403 The security token included in the request is invalid..
I've the following environment variable set,
export CLAUDE_CODE_USE_BEDROCK=1
export DISABLE_PROMPT_CACHING=1
# Using inference profile ID
export ANTHROPIC_MODEL='us.anthropic.claude-3-7-sonnet-20250219-v1:0'
export ANTHROPIC_SMALL_FAST_MODEL='us.anthropic.claude-3-5-haiku-20241022-v1:0'
export AWS_REGION='us-east-1'
My AWS IAM user has the following permissions,
<img width="1068" alt="Image" src="https://github.com/user-attachments/assets/5260f2d4-895b-4d11-b834-e2ff0958f27d" />
<details>
<summary>Policy JSONs expand/collapse</summary>
MarketplaceBedrockPolicy:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "MarketplaceBedrock",
"Effect": "Allow",
"Action": [
"aws-marketplace:ViewSubscriptions",
"aws-marketplace:Unsubscribe",
"aws-marketplace:Subscribe"
],
"Resource": "*"
}
]
}
AmazonBedrockFullAccess:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "BedrockAll",
"Effect": "Allow",
"Action": [
"bedrock:*"
],
"Resource": "*"
},
{
"Sid": "DescribeKey",
"Effect": "Allow",
"Action": [
"kms:DescribeKey"
],
"Resource": "arn:*:kms:*:::*"
},
{
"Sid": "APIsWithAllResourceAccess",
"Effect": "Allow",
"Action": [
"iam:ListRoles",
"ec2:DescribeVpcs",
"ec2:DescribeSubnets",
"ec2:DescribeSecurityGroups"
],
"Resource": "*"
},
{
"Sid": "MarketplaceModelEndpointMutatingAPIs",
"Effect": "Allow",
"Action": [
"sagemaker:CreateEndpoint",
"sagemaker:CreateEndpointConfig",
"sagemaker:CreateModel",
"sagemaker:DeleteEndpoint",
"sagemaker:UpdateEndpoint"
],
"Resource": [
"arn:aws:sagemaker:*:*:endpoint/*",
"arn:aws:sagemaker:*:*:endpoint-config/*",
"arn:aws:sagemaker:*:*:model/*"
],
"Condition": {
"StringEquals": {
"aws:CalledViaLast": "bedrock.amazonaws.com",
"aws:ResourceTag/sagemaker-sdk:bedrock": "compatible"
}
}
},
{
"Sid": "MarketplaceModelEndpointAddTagsOperations",
"Effect": "Allow",
"Action": [
"sagemaker:AddTags"
],
"Resource": [
"arn:aws:sagemaker:*:*:endpoint/*",
"arn:aws:sagemaker:*:*:endpoint-config/*",
"arn:aws:sagemaker:*:*:model/*"
],
"Condition": {
"ForAllValues:StringEquals": {
"aws:TagKeys": [
"sagemaker-sdk:bedrock",
"bedrock:marketplace-registration-status",
"sagemaker-studio:hub-content-arn"
]
},
"StringLike": {
"aws:RequestTag/sagemaker-sdk:bedrock": "compatible",
"aws:RequestTag/bedrock:marketplace-registration-status": "registered",
"aws:RequestTag/sagemaker-studio:hub-content-arn": "arn:aws:sagemaker:*:aws:hub-content/SageMakerPublicHub/Model/*"
}
}
},
{
"Sid": "MarketplaceModelEndpointDeleteTagsOperations",
"Effect": "Allow",
"Action": [
"sagemaker:DeleteTags"
],
"Resource": [
"arn:aws:sagemaker:*:*:endpoint/*",
"arn:aws:sagemaker:*:*:endpoint-config/*",
"arn:aws:sagemaker:*:*:model/*"
],
"Condition": {
"ForAllValues:StringEquals": {
"aws:TagKeys": [
"sagemaker-sdk:bedrock",
"bedrock:marketplace-registration-status",
"sagemaker-studio:hub-content-arn"
]
},
"StringLike": {
"aws:ResourceTag/sagemaker-sdk:bedrock": "compatible",
"aws:ResourceTag/bedrock:marketplace-registration-status": "registered",
"aws:ResourceTag/sagemaker-studio:hub-content-arn": "arn:aws:sagemaker:*:aws:hub-content/SageMakerPublicHub/Model/*"
}
}
},
{
"Sid": "MarketplaceModelEndpointNonMutatingAPIs",
"Effect": "Allow",
"Action": [
"sagemaker:DescribeEndpoint",
"sagemaker:DescribeEndpointConfig",
"sagemaker:DescribeModel",
"sagemaker:ListTags"
],
"Resource": [
"arn:aws:sagemaker:*:*:endpoint/*",
"arn:aws:sagemaker:*:*:endpoint-config/*",
"arn:aws:sagemaker:*:*:model/*"
],
"Condition": {
"StringEquals": {
"aws:CalledViaLast": "bedrock.amazonaws.com"
}
}
},
{
"Sid": "MarketplaceModelEndpointInvokingOperations",
"Effect": "Allow",
"Action": [
"sagemaker:InvokeEndpoint",
"sagemaker:InvokeEndpointWithResponseStream"
],
"Resource": [
"arn:aws:sagemaker:*:*:endpoint/*"
],
"Condition": {
"StringEquals": {
"aws:CalledViaLast": "bedrock.amazonaws.com",
"aws:ResourceTag/sagemaker-sdk:bedrock": "compatible"
}
}
},
{
"Sid": "DiscoveringMarketplaceModel",
"Effect": "Allow",
"Action": [
"sagemaker:DescribeHubContent"
],
"Resource": [
"arn:aws:sagemaker:*:aws:hub-content/SageMakerPublicHub/Model/*",
"arn:aws:sagemaker:*:aws:hub/SageMakerPublicHub"
]
},
{
"Sid": "AllowMarketplaceModelsListing",
"Effect": "Allow",
"Action": [
"sagemaker:ListHubContents"
],
"Resource": "arn:aws:sagemaker:*:aws:hub/SageMakerPublicHub"
},
{
"Sid": "PassRoleToSageMaker",
"Effect": "Allow",
"Action": [
"iam:PassRole"
],
"Resource": [
"arn:aws:iam::*:role/*SageMaker*ForBedrock*"
],
"Condition": {
"StringEquals": {
"iam:PassedToService": [
"sagemaker.amazonaws.com",
"bedrock.amazonaws.com"
]
}
}
},
{
"Sid": "PassRoleToBedrock",
"Effect": "Allow",
"Action": [
"iam:PassRole"
],
"Resource": "arn:aws:iam::*:role/*AmazonBedrock*",
"Condition": {
"StringEquals": {
"iam:PassedToService": [
"bedrock.amazonaws.com"
]
}
}
}
]
}
</details>
Steps to Reproduce
- See above
Expected Behavior
Claude code just works fine!
Actual Behavior
% claude
╭────────────────────────────────────────────────────────────────────────────╮
│ ✻ Welcome to Claude Code! │
│ │
│ /help for help, /status for your current setup │
│ │
│ cwd: /Users/first.last/Documents/Data/03_coderepos/my-project │
│ │
│ ──────────────────────────────────────────────────────────────────────── │
│ │
│ Overrides (via env): │
│ │
│ • Prompt caching: off │
╰────────────────────────────────────────────────────────────────────────────╯
※ Tip: Press Esc twice to edit your previous messages
> given the report '/Users/first.last/Downloads/report_3163462.pdf', make the appropriate fixes in the project to help avoid this vulnerabilities
⎿ API Error: 403 The security token included in the request is invalid.
> /exit
⎿ (no content)
╭────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮
│ > │
╰────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯
? for shortcuts
Total cost: $0.0000
Total duration (API): 0s
Total duration (wall): 18.9s
Total code changes: 0 lines added, 0 lines removed
Tokens: 0 input, 0 output, 0 cache read, 0 cache write
Additional Context
<!-- Add any other context about the problem here, such as screenshots, logs, etc. -->
This issue has 10 comments on GitHub. Read the full discussion on GitHub ↗