Fixing AWS Stack Apply Errors Due to Expired Tokens

Last updated: September 16, 2025

If your AWS stack apply process is failing with an "ExpiredToken" error after a short duration (typically 15 minutes), this is likely due to the session duration setting in your cloud integration being too short for long-running operations.

Error Symptoms

You may see an error similar to this:

Error: waiting for DMS Replication Instance create: operation error Database Migration Service: DescribeReplicationInstances, get identity: get credentials: failed to refresh cached credentials, operation error STS: AssumeRole, https response error StatusCode: 403, RequestID: [request-id], api error ExpiredToken: The security token included in the request is expired

Solution

The issue is typically caused by the session duration in your AWS cloud integration being set too low. Here's how to fix it:

  1. Navigate to Cloud Integrations from the left navigation menu

  2. Click into your AWS cloud integration

  3. Click the "..." menu on the top right and select "Edit"

  4. Increase the session duration from 15 minutes to 1 hour (or longer as needed for your operations)

  5. Save the changes

Permission Requirements

Note that you need appropriate permissions to edit cloud integrations. If you don't see the edit option or cannot modify the settings, you'll need to:

  • Contact an administrator in your organization to make this change

  • Request the necessary permissions to manage cloud integrations

Once the session duration is increased, your AWS stack apply operations should complete successfully without timing out due to expired tokens.