diff --git a/builtin/credential/aws/path_config_client.go b/builtin/credential/aws/path_config_client.go
index df1a6234d611..9242ebd14716 100644
--- a/builtin/credential/aws/path_config_client.go
+++ b/builtin/credential/aws/path_config_client.go
@@ -150,7 +150,11 @@ func (b *backend) pathConfigClientCreateUpdate(
 		configEntry = &clientConfig{}
 	}
 
+	// changedCreds is whether we need to flush the cached AWS clients and store in the backend
 	changedCreds := false
+	// changedOtherConfig is whether other config has changed that requires storing in the backend
+	// but does not require flushing the cached clients
+	changedOtherConfig := false
 
 	accessKeyStr, ok := data.GetOk("access_key")
 	if ok {
@@ -213,6 +217,7 @@ func (b *backend) pathConfigClientCreateUpdate(
 		if configEntry.IAMServerIdHeaderValue != headerValStr.(string) {
 			// NOT setting changedCreds here, since this isn't really cached
 			configEntry.IAMServerIdHeaderValue = headerValStr.(string)
+			changedOtherConfig = true
 		}
 	} else if req.Operation == logical.CreateOperation {
 		configEntry.IAMServerIdHeaderValue = data.Get("iam_server_id_header_value").(string)
@@ -228,7 +233,7 @@ func (b *backend) pathConfigClientCreateUpdate(
 		return nil, err
 	}
 
-	if changedCreds || req.Operation == logical.CreateOperation {
+	if changedCreds || changedOtherConfig || req.Operation == logical.CreateOperation {
 		if err := req.Storage.Put(entry); err != nil {
 			return nil, err
 		}
diff --git a/builtin/credential/aws/path_config_client_test.go b/builtin/credential/aws/path_config_client_test.go
index 268571024041..215cee75e7e7 100644
--- a/builtin/credential/aws/path_config_client_test.go
+++ b/builtin/credential/aws/path_config_client_test.go
@@ -73,4 +73,37 @@ func TestBackend_pathConfigClient(t *testing.T) {
 		t.Fatalf("expected iam_server_id_header_value: '%#v'; returned iam_server_id_header_value: '%#v'",
 			data["iam_server_id_header_value"], resp.Data["iam_server_id_header_value"])
 	}
+
+	data = map[string]interface{}{
+		"iam_server_id_header_value": "vault_server_identification_2718281",
+	}
+	resp, err = b.HandleRequest(&logical.Request{
+		Operation: logical.UpdateOperation,
+		Path:      "config/client",
+		Data:      data,
+		Storage:   storage,
+	})
+
+	if err != nil {
+		t.Fatal(err)
+	}
+	if resp != nil && resp.IsError() {
+		t.Fatal("failed to update the client config entry")
+	}
+
+	resp, err = b.HandleRequest(&logical.Request{
+		Operation: logical.ReadOperation,
+		Path:      "config/client",
+		Storage:   storage,
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+	if resp == nil || resp.IsError() {
+		t.Fatal("failed to read the client config entry")
+	}
+	if resp.Data["iam_server_id_header_value"] != data["iam_server_id_header_value"] {
+		t.Fatalf("expected iam_server_id_header_value: '%#v'; returned iam_server_id_header_value: '%#v'",
+			data["iam_server_id_header_value"], resp.Data["iam_server_id_header_value"])
+	}
 }