AWS Credential verification from the command line (CLI) DescriptionThere are situations where the AWS Discovery fails with multiple errors and it goes difficult to understand where the issue is from, it could be AWS Credential, ServiceNow Cloud API, MID server, or any other reasons, this article will demonstrate to verify the AWS credentials from Command line to narrow down the issue. Common Errors <results error="Method failed: (/) with code: 401 - Invalid username/password combo" probe_time="101"> <result error="Method failed: (/) with code: 401 - Invalid username/password combo"> <output> <?xml version="1.0" encoding="UTF-8"?> <Response><Errors><Error><Code>AuthFailure</Code><Message>AWS was not able to validate the provided access credentials</Message></Error></Errors><RequestID>50b89cf8-152b-49f1-99e9-ecf2a5101f22</RequestID></Response> </output> <results error="Method failed: (/) with code: 403 - Forbidden username/password combo" probe_time="146"> <result error="Method failed: (/) with code: 403 - Forbidden username/password combo"> <output> <ErrorResponse xmlns="http://autoscaling.amazonaws.com/doc/2011-01-01/"> <Error> <Type>Sender</Type> <Code>InvalidClientTokenId</Code> <Message>The security token included in the request is invalid.</Message> </Error> <RequestId>cab3bb2b-633d-11e6-8209-eb0a64f487d1</RequestId> </ErrorResponse> AWS was not able to validate the provided access credentials (Service: AmazonEC2; Status Code: 401; Error Code: AuthFailure; Request ID: 0f4d4254-7ef1-4b31-9d83-dd99cbb9b471) Prerequisite As mentioned in our documentation (AWS credentials for Cloud Management), to configure an AWS Cloud account you need the following information from Amazon: AWS account number.Access key ID.Secret access key The Access key and Secret key are used in AWS credentials and the Account number is used to create Service Account Verification from CLI Note: Once the Credentials are saved in the ServiceNow Credentials table, the provided secret key is not visible and it will not be possible to know, Customer must need to have all the information handy for verification. Log in to the MID serverInstall the Command-line interface according to the OS, see: Install the AWS Command Line Interface on macOSInstall the AWS Command Line Interface on Microsoft WindowsInstall the AWS Command Line Interface on Linux Verify the configuration of AWS Command Line Configuring the AWS CLI Command to be executed to verify the credentials: aws configureOnce this command has been executed, provide the Access Key and Secret Key as provided to the ServiceNow AWS configuration, the Region and output format can be provided as per your preferAs soon as the command runs, it will pick up the provided configuration without errorTo verify further, you can run any other command to list out the configuration, see screenshot for an example, executed to list the S3 buckets available and failed with the authentication error