ERROR: InvalidClientTokenId: -- But create works as expected

[kabakakao]

Hello,
I do an assume role to another account with my own script. After that I export some environment variables:
AWS_SECRET_ACCESS_KEY
AWS_ACCESS_KEY_ID
AWS_SECURITY_TOKEN
AWS_SESSION_TOKEN (same content as AWS_SECURITY_TOKEN)
AWS_STS_ROLE_ARN

My .sfn looks as follows:

Configuration.new do
  credentials do
    provider :aws
    aws_access_key_id ENV['AWS_ACCESS_KEY_ID']
    aws_secret_access_key ENV['AWS_SECRET_ACCESS_KEY']
    aws_sts_session_token ENV['AWS_SESSION_TOKEN']
    aws_sts_token ENV['AWS_SECURITY_TOKEN']
    aws_sts_role_arn ENV['AWS_STS_ROLE_ARN']
    aws_region ENV['AWS_REGION']

  end
  options do
    on_failure 'nothing'
    capabilities ['CAPABILITY_IAM']
    tags do
      creator ENV['USER']
    end
  end
end

Now, when I create a new Stack with the following command:
sfn create DEV-LOGSTASH -c .sfn --file out/logstash.json --no-processing --apply-stack DEV-BASE --defaults

I starts creating the Stack, but throws following error:
ERROR: Miasma::Error::ApiError::RequestError: Forbidden - InvalidClientTokenId: The security token included in the request is invalid.
Were does it come from? The Stack is creating in the correct account and is working like expected.
Can you tell me, where my problem is?

Here are my used versions:
miasma (0.3.2) miasma-aws (0.3.4) miasma-azure (0.1.2) miasma-google (0.1.0) miasma-open-stack (0.1.4) miasma-rackspace (0.1.2) sfn (3.0.18) sparkle_formation (3.0.10)

[runningman84]

It looks like specifcing the config with "-c" is causing this problem. Without the "-c" option I do not get this error anymore.

[chrisroberts]

Interesting. The behavior shouldn't be different. I'll try and get this to repro locally and see why it's causing a different behavior.