AWS Host creation - never ending Security Group Creation rancher-machine


I’m trying to create a host in AWS. I configured the first two steps (Account Access and Availability Zone). Then I chose the default security group option “rancher-machine”, but it says “creating security group” and never ends…

  • What can be the problem?
  • How can I see the logs to understand what’s going on behind the scenes?
  • Is there any specific configuration on the AWS side that I missed?

Halil B.

First guess would be the credentials provided don’t have permission to create a security group or manipulate its rules. All the interaction with AWS is happening from the browser so there are no real logs, but you can open up the browser dev tools -> network tab and see the requests/responses made (to /v1/proxy/<aws region>).

I can create the security group and instances from the AWS web console, but I don’t know what is missing.
To pass that step for now, I created my Security Group manually and added the necessary ports… and clicked the create button… But this time the error says

“Error in driver during machine creation:
unable to create key pair: UnauthorizedOperation: You are not authorized
to perform this operation.”

But I can create the key pair from AWS web console

Halil B.

The user you are logged in to the console website as does not necessarily have the same permissions as the API key you are giving to Rancher/docker-machine to make requests with. Since two separate requests are failing in two totally separate code bases (creating the security group/rules from the Rancher UI and the SSH Keypair within docker-machine) it’s pretty clear your key has insufficient permissions.
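One way to confirm what the last reply describes, as an added example that is not part of the original posts: dry-run the two EC2 calls that failed in this thread with the same access key that was given to Rancher. It assumes the AWS CLI is installed and the key is exported as `AWS_ACCESS_KEY_ID` / `AWS_SECRET_ACCESS_KEY`; the name `dryrun-check` and the `--run` switch are made up for the example.

```shell
#!/bin/sh
# Added example: dry-run the EC2 calls that failed in this thread using the
# access key given to Rancher. --dry-run only checks permissions; nothing is
# created in the account.

# Map the AWS CLI's stderr for a --dry-run call to a verdict.
classify_dry_run() {
    case "$1" in
        *DryRunOperation*)       echo allowed ;;          # key may perform the call
        *UnauthorizedOperation*) echo denied ;;           # key lacks the permission
        *AuthFailure*)           echo bad-credentials ;;  # key itself was rejected
        *)                       echo unknown ;;          # parameter, network, ... error
    esac
}

# Run one "aws ec2" subcommand with --dry-run and print the verdict.
check_action() {
    label=$1; shift
    # Capture stderr only; the CLI reports the dry-run result as an error.
    out=$(aws ec2 "$@" --dry-run 2>&1 >/dev/null)
    printf '%-22s %s\n' "$label" "$(classify_dry_run "$out")"
}

# Only talk to AWS when asked, e.g.:  sh check-key.sh --run us-east-1
if [ "${1:-}" = "--run" ]; then
    export AWS_DEFAULT_REGION="${2:?usage: $0 --run <aws-region>}"
    # Print which IAM user or role the key actually belongs to.
    aws sts get-caller-identity --query Arn --output text
    check_action CreateSecurityGroup create-security-group \
        --group-name dryrun-check --description "permission check"
    check_action CreateKeyPair create-key-pair --key-name dryrun-check
fi
```

A `denied` line identifies the action the key's IAM policy has to allow; if the ARN printed first is not the user you use in the web console, that explains why the console succeeds where the key fails.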