
Can't access OIDC token from github workflow in one runner but not the other

Question

I'm trying to get my Github workflows running on self-hosted runners. I've got the self-hosted runner installed on two computers:

  • Macbook Pro
  • Ubuntu desktop

The Macbook Pro runner works fine, but the Ubuntu runner fails at this step:

- name: Assume role using OIDC
  uses: aws-actions/configure-aws-credentials@master
  with:
    role-to-assume: arn:aws:iam::123456789012:role/github-connection-role
    aws-region: us-west-2

With this error:

Error: The security token included in the request is invalid.

For more context, here's the entire workflow:

name: Deploy
on:
  push:
    branches:
      - main

jobs:
  ci:
    name: Build and deploy with Node 16
    timeout-minutes: 60
    runs-on: self-hosted

    permissions:
      id-token: write
      contents: read

    steps:
      - name: Checkout
        uses: actions/checkout@v3

      - name: Use Node.js 16
        uses: actions/setup-node@v3
        with:
          node-version: 16
          cache: 'npm'
          cache-dependency-path: package-lock.json

      - name: Install dependencies
        run: npm install

      - name: Build
        run: npm run build

      - name: Assume role using OIDC
        uses: aws-actions/configure-aws-credentials@master
        with:
          role-to-assume: arn:aws:iam::123456789012:role/github-connection-role
          aws-region: us-west-2

      - name: Deploy
        run: npx cdk deploy app-production-stack --ci --require-approval never

Is there something I need to configure on the runner host before it can access security tokens in running jobs?

Answer 1

Score: 0

The issue ended up being that my Ubuntu computer was configured with expired AWS credentials. I assumed the host AWS wasn't used by the runner. I was able to fix the issue by updating the Ubuntu ~/.aws/credentials file to include a default profile that has permission to assume my github-connection-role role.
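The answer above shows that credentials already present on a self-hosted runner host are consulted by the job, so a stale `~/.aws/credentials` profile can break an OIDC role assumption that looks correctly configured in the workflow. As an added example (not code from the original question or answer, and not part of the aws-actions/configure-aws-credentials project), the preflight script below checks the two things this thread turns on: whether GitHub actually injected the OIDC token-request variables `ACTIONS_ID_TOKEN_REQUEST_URL` and `ACTIONS_ID_TOKEN_REQUEST_TOKEN` (only present when the job has `id-token: write`), and whether ambient AWS credentials (environment variables or a profile in the credentials file) exist on the host and could shadow the OIDC exchange. The file name `oidc_preflight.sh` and the function names are assumptions; the `::error::` workflow-command syntax and the two `ACTIONS_ID_TOKEN_REQUEST_*` variables are real GitHub Actions features.

```shell
#!/usr/bin/env bash
# oidc_preflight.sh (file name is an assumption): preflight checks for a self-hosted
# runner host before an OIDC role-assumption step. Added example; not code from the
# original post or from aws-actions/configure-aws-credentials.

# Return 0 when GitHub has injected the OIDC token-request variables into the job.
# They are only present when the job has `permissions: id-token: write`.
check_oidc_env() {
  if [ -n "${ACTIONS_ID_TOKEN_REQUEST_URL:-}" ] && [ -n "${ACTIONS_ID_TOKEN_REQUEST_TOKEN:-}" ]; then
    return 0
  fi
  echo "::error::OIDC token request variables are missing; grant 'id-token: write' in the job permissions"
  return 1
}

# Return 0 when the INI-style credentials file defines the named profile section.
#   $1 = path to the credentials file, $2 = profile name (e.g. default)
credentials_file_has_profile() {
  [ -r "$1" ] || return 1
  grep -Eq "^[[:space:]]*\[[[:space:]]*$2[[:space:]]*\][[:space:]]*\$" "$1"
}

# Print each ambient AWS credential source on the host that the SDK credential chain
# would pick up ahead of, or instead of, the OIDC exchange.
#   $1 = credentials file to inspect (default: $AWS_SHARED_CREDENTIALS_FILE or ~/.aws/credentials)
# Exit status is the number of sources found, so 0 means the host is clean.
list_ambient_aws_credentials() {
  creds_file=${1:-${AWS_SHARED_CREDENTIALS_FILE:-$HOME/.aws/credentials}}
  profile=${AWS_PROFILE:-default}
  count=0
  if [ -n "${AWS_ACCESS_KEY_ID:-}" ] || [ -n "${AWS_SECRET_ACCESS_KEY:-}" ]; then
    echo "env: AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY are set"
    count=$((count + 1))
  fi
  if [ -n "${AWS_SESSION_TOKEN:-}" ]; then
    echo "env: AWS_SESSION_TOKEN is set"
    count=$((count + 1))
  fi
  if [ -n "${AWS_PROFILE:-}" ]; then
    echo "env: AWS_PROFILE=$AWS_PROFILE"
    count=$((count + 1))
  fi
  if credentials_file_has_profile "$creds_file" "$profile"; then
    echo "file: $creds_file defines profile [$profile]"
    count=$((count + 1))
  fi
  return "$count"
}

# Fail the step early, with a readable message, instead of letting STS reject the
# request later with "The security token included in the request is invalid".
#   $1 = optional credentials file to inspect (passed through to the check above)
run_preflight() {
  status=0
  check_oidc_env || status=1
  if ! list_ambient_aws_credentials "${1:-}"; then
    echo "::error::ambient AWS credentials found on the runner host (listed above); remove them, or confirm they are valid, before the OIDC step"
    status=1
  fi
  return "$status"
}

# Run the checks only when executed directly; sourcing the file just defines the functions.
case "$0" in *oidc_preflight.sh) run_preflight "$@" ;; esac
```

Placed as a `run: bash oidc_preflight.sh` step ahead of the role-assumption step, this turns the opaque STS error into an annotation that names the actual cause. The answer resolved the failure by refreshing the host credentials; from a least-privilege standpoint the cleaner fix is usually to remove long-lived keys from the runner host altogether, so the job can only obtain the short-lived credentials that the OIDC exchange returns. Separately, `uses: aws-actions/configure-aws-credentials@master` tracks a moving branch; pinning the action to a release tag or commit SHA keeps the credential-handling step reproducible.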

huangapple
  • Published on 2023-03-12 08:09:41
  • Please keep this link when reposting: https://go.coder-hub.com/75710329.html