I'm first creating a session as below:
aws_session=$(
  # AWS_ARGS is left unquoted on purpose so it can expand to several arguments
  aws sts assume-role \
    --role-arn "${AWS_ROLE_ARN}" \
    --role-session-name "${AWS_SESSION_NAME}" \
    --region "${AWS_DEFAULT_REGION}" \
    ${AWS_ARGS}
)
Then I'm exporting environment variables:
echo AWS_DEFAULT_REGION=$AWS_DEFAULT_REGION
echo AWS_ACCESS_KEY_ID=$(echo $aws_session | jq -r '.Credentials.AccessKeyId')
echo AWS_SESSION_TOKEN=$(echo $aws_session | jq -r '.Credentials.SessionToken')
echo AWS_SECRET_ACCESS_KEY=$(echo $aws_session | jq -r '.Credentials.SecretAccessKey')
Packer relies on these environment variables to access AWS.
{
  "description": "...",
  "variables": {
    "source_ami": "{{env `SOURCE_AMI`}}",
    "enhanced_networking_type": "{{env `ENHANCED_NETWORKING_TYPE`}}",
    "region": "us-east-1",
    "project_name": "project1",
    "os_name": "centos",
    "os_version": "7"
  },
  "provisioners": [
    {
      "destination": "/tmp/packer",
      "source": "./files",
      "type": "file"
    },
    {
      "type": "shell",
      "execute_command": "echo 'packer' | sudo -S sh -c '{{ .Vars }} {{ .Path }}'",
      "scripts": [
        "scripts/0-prep.sh",
        "scripts/10-bootstrap.sh",
        "scripts/20-......sh",
        "scripts/40-cleanup.sh"
      ]
    }
  ],
  "builders": [
    {
      "type": "amazon-ebs",
      "ami_name": "{{user `os_name`}}-{{user `os_version`}}-{{user `project_name` }}-{{user `enhanced_networking_type`}}-{{isotime \"2006-01-02-030405\" | clean_ami_name}}",
      "ami_description": "{{user `os_name`}} {{user `project_name`}} {{user `enhanced_networking_type`}} {{user `os_version`}} {{user `build_stage`}} image built on {{isotime \"2006-01-02\"}}",
      "enhanced_networking": true,
      "instance_type": "m4.2xlarge",
      "region": "{{user `region`}}",
      "security_group_id": "....",
      "subnet_id": "...",
      "ssh_username": "centos",
      "source_ami": "{{ user `source_ami` }}",
      "vpc_id": "...",
      "iam_instance_profile": "...",
      "launch_block_device_mappings": [
        {
          "device_name": "/dev/xvda",
          "volume_size": 300,
          "volume_type": "gp2",
          "delete_on_termination": true
        }
      ],
      "run_tags": {
        "created_by": "packer",
        "environment": "packer_dev"
      },
      "tags": {
        "Name": "{{user `os_name`}}-{{user `os_version`}}-{{user `project_name` }}-{{user `enhanced_networking_type`}}-{{isotime \"2006-01-02-030405\" | clean_ami_name}}",
        "build_date": "{{isotime \"2006-01-02\"}}",
        "os": "{{user `os_name`}}",
        "source_ami": "{{user `source_ami`}}",
        "version": "{{user `os_version`}}",
        "description": "{{user `description`}}"
      }
    }
  ]
}
I couldn't find any documentation on using aws assume role profile. I'm
running packer from a container. I'll follow Richard's suggestions and keep
you posted.
Thank you!
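
Added example, not part of the original post: with jq -r, a failed or empty assume-role response turns into the literal string "null" in each variable, so this sketch refuses to emit anything unless all three credential fields are present and shell-quotes the values it prints. The function name session_to_exports and the SAMPLE_SESSION response are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: convert `aws sts assume-role` JSON into export lines,
# failing closed when any credential field is missing.

# Constructed sample response; the values are placeholders, not real credentials.
SAMPLE_SESSION='{
  "Credentials": {
    "AccessKeyId": "ASIAEXAMPLEKEYID0000",
    "SecretAccessKey": "constructed-secret-value",
    "SessionToken": "constructed-session-token",
    "Expiration": "2030-01-01T00:00:00Z"
  }
}'

# session_to_exports JSON
# Prints three export lines on stdout; returns non-zero and prints nothing
# if the JSON is invalid or any of the three fields is absent or empty.
session_to_exports() {
  local session out
  session=$1
  # select() drops the object unless every field is a non-empty string;
  # jq -e then exits non-zero because no result was produced.
  # @sh single-quotes each value so the output is safe to eval.
  out=$(printf '%s' "$session" | jq -er '
    .Credentials
    | select((.AccessKeyId // "") != ""
         and (.SecretAccessKey // "") != ""
         and (.SessionToken // "") != "")
    | "export AWS_ACCESS_KEY_ID=\(.AccessKeyId | @sh)",
      "export AWS_SECRET_ACCESS_KEY=\(.SecretAccessKey | @sh)",
      "export AWS_SESSION_TOKEN=\(.SessionToken | @sh)"
  ' 2>/dev/null) || return 1
  [ -n "$out" ] || return 1
  printf '%s\n' "$out"
}

# Typical use before invoking packer (aws_session as captured in the post):
#   exports=$(session_to_exports "$aws_session") || { echo "assume-role failed" >&2; exit 1; }
#   eval "$exports"
```

Capturing the output first, as in the usage comment, keeps a failed role assumption from being hidden by eval's own exit status.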