I’m currently working on a set of vRealize Automation blueprints that reach out to Amazon Web Services Route 53 during provisioning to create some DNS records. In true “bottom-up” programming methodology, I’m using the Postman API client to prove my concept works, before coding the solution in Javascript so it can be used in vRealize Orchestrator.

Creating DNS records using the AWS API is well documented at https://docs.aws.amazon.com/Route53/latest/APIReference/Welcome.html. For the ChangeResourceRecordSets action, the URI, headers, body and method are all laid out – however, the authentication method was not easy to figure out.

The Solution

In Postman, create your new request. Select the method and the URI, and then click Authorization:

Change the Type to AWS Signature, and enter your Access Key and Secret Key:

These are not the creds you are looking for…

This where I struggled.

Enter the service name (I’m using Route53 in this example). As my region is “eu-west-1”, I entered that in the AWS Region box. This is wrong! I’d have been much better off keeping that blank and accepting the default, as to get this working I had to supply “us-east-1”.

Once you have formatted the necessary body and submitted it you should receive a 200 “success” result:

A big thanks and shout-out to Rob Nolen for his help on this.