When accessing aws in a docker container, I ran into this error.
app_1 | botocore.exceptions.ClientError: An error occurred (InvalidSignatureException) when calling the Decrypt operation: Signature not yet current: 20180131T152813Z is still later than 20180131T152519Z (20180131T152019Z + 5 min.)
cardgen_1 | DNS fwd/rev mismatch: app != lccardgenerators_app_1.lccardgenerators_default
This seems to be caused to this known issue of container time being out of sync discussed here: https://forums.docker.com/t/time-in-container-is-out-of-sync/16566
To verify the assumption, go into the container by running
docker exec -it container_name bash and run
Compare it with my computers (host of the container) clock:
The system clock of the container is off Amazon’s clock by more than 5 minutes, the maximum allowed by Amazon’s signature algorithm. This is why is causing the error.
To fix, sync the containers time at the start using
ntpdate time.nist.gov or simply restart docker.