I am attempting to set up Route 53 in my Virtualmin. I added the AWS service to my server, and the option is now appearing under Addresses and Networking > Cloud DNS Providers.
I created a user in my AWS account called “Virtualmin” and gave it the “AmazonRoute53FullAccess” role. I then created the keys for the account.
When I add the account to the Route 53 settings in Virtualmin, I get the error:
Failed to save cloud DNS provider : AWS credentials are not valid : An error occurred (InvalidClientTokenId) when calling the ListHostedZones operation: The security token included in the request is invalid.
I went back and added additional roles to the account in AWS, but the error is persisting. I did verify I copied the name and password from AWS correctly, and re-copied them from the downloaded CSV file.
Any advice on what next steps I can take to troubleshoot this? I did search for solutions, but nothing came up that I haven’t already tried.
Hm. I deleted the user, and created a new one. Added to the group with the permissions, then created a new set of Access Keys.
Copied the keys right from the portal, using the Copy icon next to each item, pasted into Virtualmin’s UI.
Unfortunately, the issue is persisting.
Is there some underlying config I may need to set up, after installing AWS on my server, but before entering the credentials? Does the AWS account need a specific role or setup aside from the permissions to modify Route53 items?
Like Joe said, it’s an error with credentials.
Credentials are the S3 access key and S3 secret key, not an account name, so the account name is not used anywhere on the Virtualmin side.
I’ll paste what I have in my IAM, you might see something different.
I think I am missing an Account ID in my setup - the Virtualmin UI doesn’t ask for an Account ID anywhere, but the Web UI for AWS does before you can even get to the login page.
I’ll go over the AWS CLI setup, see what I potentially missed during the install process.
The thing that’s making me think is the line “(InvalidClientTokenId)” - I feel like something isn’t being passed to AWS correctly? Or it’s not set up correctly, but I am not sure what I am missing in my setup.
I also tried setting up an Access Key as my root user - same issue. I removed the key as soon as I tested it and it stopped working.
OK, I just noticed something: I didn’t use the Cloud DNS provider section in Virtualmin.
I created the S3 account in the Backup and Restore section.
Can you create an account there, or do you still get the error?
I took a step back and tried testing it from the command line. It looks like there’s a permissions issue (AssumeRole) that I need to resolve in AWS with the account I set up, before I can get the UI to work. Once I can confirm I can make calls from the command line on my server and get responses, I’ll come back and try the UI again.
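An offline sanity check for a pasted key pair, as an added example that is not part of the thread and is not Virtualmin or AWS code. It never contacts AWS; the 20-character key ID and 40-character secret shapes are assumptions based on the keys AWS commonly issues, and `diagnose_keypair` is a hypothetical helper name.

```python
import re

# Prefixes AWS documents for IAM identifiers that are not access keys.
NOT_ACCESS_KEYS = {"AIDA": "an IAM user ID", "AROA": "an IAM role ID",
                   "AGPA": "an IAM group ID"}
# Assumed shapes: 20-character key ID, 40-character secret.
KEY_ID_RE = re.compile(r"(AKIA|ASIA)[A-Z0-9]{16}")
SECRET_RE = re.compile(r"[A-Za-z0-9/+]{40}")


def diagnose_keypair(access_key_id, secret_key, session_token=None):
    """Return a list of findings; an empty list means nothing looks wrong offline."""
    findings = []
    for name, value in (("access key ID", access_key_id), ("secret key", secret_key)):
        if value != value.strip():
            findings.append(f"{name}: leading or trailing whitespace")
        if any(not (33 <= ord(ch) <= 126) for ch in value.strip()):
            findings.append(f"{name}: contains space, control or non-ASCII characters")
    key_id, secret = access_key_id.strip(), secret_key.strip()
    # A secret in the key ID field and a key ID in the secret field: swapped paste.
    if SECRET_RE.fullmatch(key_id) and KEY_ID_RE.fullmatch(secret):
        return findings + ["fields look swapped"]
    if key_id[:4] in NOT_ACCESS_KEYS:
        findings.append(f"access key ID: this is {NOT_ACCESS_KEYS[key_id[:4]]}, not an access key")
    elif not KEY_ID_RE.fullmatch(key_id):
        findings.append("access key ID: unexpected format (user name or account ID pasted?)")
    elif key_id.startswith("ASIA") and not session_token:
        findings.append("access key ID: temporary (ASIA) key needs a session token")
    if not SECRET_RE.fullmatch(secret):
        findings.append("secret key: not 40 base64-style characters")
    return findings


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    pasted_id = "AKIA" + "EXAMPLE7" * 2 + "\n"  # trailing newline from a paste
    pasted_secret = "aB3/" * 10
    for finding in diagnose_keypair(pasted_id, pasted_secret) or ["nothing wrong offline"]:
        print(finding)
```

An empty result only rules out paste and format mistakes; a well-formed key that is deleted, inactive or from another partition is still rejected by AWS.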