Why is the AWS Regions page blank in System Settings?


When browsing to Settings > System Settings > AWS Regions, you should see a full list of available AWS Regions to select and configure. Screenshot

When this page is empty, this is due to an issue with the Trust Relationship of the cloudtamer-service-role in the account where Kion is hosted. Typically, this is caused when the account used to install Kion was used for an installation in the past. To resolve this issue, follow the directions below: 

  1. Login to the AWS Account where Kion is hosted
  2. Browse to the IAM Service
  3. Search for the IAM role used for Kion's service role - by default this is the cloudtamer-service-role.
  4. Within the role, click on the Trust Relationships tab. Often, you will see an invalid IAM principal referenced here that looks like AIDAJQABLZS4A3QDU576Q.
  5. Click Edit trust policy and replace the contents.
    1. For EC2 Installations, this should be the kion-app-InstanceRole attached to the EC2 Instances. 
    2. For ECS Installations, this should be the kion-app-TaskRole attached to the ECS Tasks.

      For example: 
      "Version": "2012-10-17",
      "Statement": [
      "Effect": "Allow",
      "Principal": {
      "AWS": "arn:aws:iam::012345678912:role/kion-app-InstanceRole-1VJXOJ24SPUZX"
      "Action": "sts:AssumeRole"

      Now, click Save and browse back to Kion's region page. The regions should now load.