这可能是因为AWS Lambda函数中使用了过期的凭据。解决此问题的一种方法是通过在AWS中创建具有访问所需资源的IAM角色，并在Lambda函数中设置该角色来获取凭据。您也可以手动刷新凭据，并使用返回的新凭据更新环境变量。

以下是手动刷新AWS凭据并将其更新为环境变量的代码示例：

import boto3
from botocore.credentials import RefreshableCredentials

def get_updated_credentials():
    session = boto3.Session()
    credentials = RefreshableCredentials.create_from_metadata(
        metadata=boto3.Session().get_credentials().get_frozen_credentials(),
        refresh_using=get_role_credentials,
        method='sts-assume-role'
    )
    return credentials.get_frozen_credentials()

def get_role_credentials():
    client = boto3.client('sts')
    response = client.assume_role(
        RoleArn='ARN_OF_ROLE',
        RoleSessionName='SESSION_NAME'
    )
    return {
        'access_key': response['Credentials']['AccessKeyId'],
        'secret_key': response['Credentials']['SecretAccessKey'],
        'token': response['Credentials']['SessionToken'],
        'expiry_time': response['Credentials']['Expiration']
    }

def lambda_handler(event, context):
    credentials = get_updated_credentials()
    os.environ['AWS_ACCESS_KEY_ID'] = credentials.access_key
    os.environ['AWS_SECRET_ACCESS_KEY'] = credentials.secret_key
    os.environ['AWS_SESSION_TOKEN'] = credentials.token

    # rest of the code

请注意，“ARN_OF_ROLE”和“SESSION_NAME”应替换为您的IAM角色ARN和您为它选择的任何会话名称。