Let's Encrypt SSL DNS Authorization for AWS Route 53 (with wildcard support)
The user creates an AWS IAM user with programmatic access and a policy attached. You should allow the user to copy the policy from the RunCloud panel and just paste it on IAM.
The user then insert the KEY ID, SECRET ID and other variables depending on the rules you add to the policy.
Example of an LE Client that make this process easy:
AWS API Reference: