I'm trying to deploy a Django application onto Elastic Beanstalk for the first time. I've been following two tutorials here and here for assistance but I am running into an issue the tutorials do not seem to cover.

The steps I followed so far was that I installed awsebcli into a Python3.4 virtual environment and cd to my projects directory. I then call eb init. I am then prompted to type in my access keys. I had saved them to a text file so I simply copy and pasted my keys (ensuring no trailing white spaces) into the terminal.

The problem is that an error is thrown back:

ERROR: Operation Denied. The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.

The weird thing is that on subsequent attempts an error pops up earlier after I enter the region number for my deployment. But it still prompts me for the keys anyway:

ERROR: The current user does not have the correct permissions. Reason: Operation Denied. The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.

Here is the full output of eb init --debug:

e$ eb init -- debug

Select a default region
1) us-east-1 : US East (N. Virginia)
2) us-west-1 : US West (N. California)
3) us-west-2 : US West (Oregon)
4) eu-west-1 : EU (Ireland)
5) eu-central-1 : EU (Frankfurt)
6) ap-south-1 : Asia Pacific (Mumbai)
7) ap-southeast-1 : Asia Pacific (Singapore)
8) ap-southeast-2 : Asia Pacific (Sydney)
9) ap-northeast-1 : Asia Pacific (Tokyo)
10) ap-northeast-2 : Asia Pacific (Seoul)
11) sa-east-1 : South America (Sao Paulo)
12) cn-north-1 : China (Beijing)
(default is 3): 3
ERROR: The current user does not have the correct permissions. Reason: Operation Denied. The security token included in the request is invalid.
You have not yet set up your credentials or your credentials are incorrect 
You must provide your credentials.
(aws-access-id): xxxxxxxxxxxxxxxxxxxxx
(aws-secret-key): xxxxxxxxxxxxxxxxxxxxxxxxxxx
ERROR: Operation Denied. The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.

The Canonical String for this request should have been
'POST
/

host:elasticbeanstalk.us-west-2.amazonaws.com
x-amz-content-sha256:2dc533b6c6fe3c628385d2b22bfa9e25e75730ee05f85d3b1ce7bacddc535e27
x-amz-date:20160719T134302Z

host;x-amz-content-sha256;x-amz-date
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'

The String-to-Sign should have been
'AWS4-HMAC-SHA256
20160719T134302Z
20160719/us-west-2/elasticbeanstalk/aws4_request
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'

So it turns out the issue was that my security keys were "out of date". This is due to my IAM permissions being changed between the generation of the first set of keys and the attempt to deploy my application.

Generating a new set of keys solved the problem.