Hello,
Please excuse the lengthy post.
I am looking to make use of IAM roles in the given AWS account (the Jenkins master runs in the same account) and run a Packer build to generate an AMI.
This is to avoid storing / using AWS keys in Jenkins master.
For this purpose, I wanted to make use of this plugin,
https://github.com/jenkinsci/pipeline-aws-plugin
Jenkins master is at v2.32.3.
This is the primitive pipeline code which I am attempting, but it fails with an error pointing to the secure token being non-available.
Has anyone got this plugin working with a pipeline script?
    node {
        stage('aws') {
            withAWS(role:'jenkins-ec2-master') {
                // awsIdentity()
            }
        }
    }
For your reference, attached is a snippet of errors from the build console log.
>>>>>>>>>>>>>>>>>>>>>>>>>>
com.amazonaws.services.securitytoken.model.AWSSecurityTokenServiceException: The security token included in the request is expired (Service: AWSSecurityTokenService; Status Code: 403; Error Code: ExpiredToken; Request ID: 1c2975ed-210d-11e7-a78a-896df2d6846b)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleErrorResponse(AmazonHttpClient.java:1545)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeOneRequest(AmazonHttpClient.java:1183)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:964)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:676)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:650)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:633)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$300(AmazonHttpClient.java:601)
at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:583)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:447)
at com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.doInvoke(AWSSecurityTokenServiceClient.java:1188)
at com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.invoke(AWSSecurityTokenServiceClient.java:1164)
at com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.getCallerIdentity(AWSSecurityTokenServiceClient.java:874)