When working with AWS command line tools such as aws or their PowerShell tools, you will from time to time encounter that the error message for the failing command will be an encoded error message.
To be able to view this, you need to use the aws tool to decode the error message. The output of the encoded error message is in the JSON format, and the content is often a massive block of text, not easily readable.
This is however easy to fix by adjusting the parameters you use for aws and piping its output to the very handy command line tool jq.
aws sts decode-authorization-message --encoded-message $msg --query DecodedMessage --output text | jq '.'
You will have to add the encoded error message to the variable $msg for this to work.
If you are missing the jq tool, you can easily add this by using your favoured package manager, i.e. apt install jq or choco install jq -y on Windows (you do of course use choco?).