if you need to run an script, you can use user_data https://www.packer.io/docs/builders/amazon-ebs.html#user_data
that should help to make the VM packer friendly On Mon, May 7, 2018 at 8:24 PM, Andres Urrutia <[email protected]> wrote: > Hi, > > I am trying to use Packer to build new AMIs using the Windows 2012 CIS > Benchmark (Hardened) image as the Source AMI: > > https://aws.amazon.com/marketplace/pp/B00UVT62LG > > The problem I am facing is that Packer is not able to connect to the EC2 > instance via WinRM once the server is up. The following is the error I get > in the 'packer.log' file that is generated: > > 2018/05/07 18:04:20 packer: 2018/05/07 18:04:20 [ERROR] connection error: > http response error: 401 - invalid content type > 2018/05/07 18:04:20 packer: 2018/05/07 18:04:20 [ERROR] WinRM connection > err: http response error: 401 - invalid content type > > After troubleshooting for many days, I found out that the following GPO > that is automatically enabled by this Hardened AMI is what's causing Packer > to timeout and fail: > > HKLM\Software\Policies\Microsoft\Windows\WinRM\Service!AllowBasic > > The GPO restricts the use of Basic Authentication. If I manually RDP into > the instance and enable that from the Policy Editor, Packer > successfully connects to the instance. > > I read the Packer documentation and there is a way to change the > Authentication mechanism by setting the field "winrm_use_ntlm" to True. I > tried doing that but Packer is still timing out when it tries to connect to > the instance via WinRM. > > Has anybody seen this issue in the past? Is there a way to configure > Packer to connect to this instance using "Non-Basic Authentication" and > without having to manually edit the GPO? > > Thanks for the support! > > Andres > > -- > This mailing list is governed under the HashiCorp Community Guidelines - > https://www.hashicorp.com/community-guidelines.html. Behavior in > violation of those guidelines may result in your removal from this mailing > list. > > GitHub Issues: https://github.com/mitchellh/packer/issues > IRC: #packer-tool on Freenode > --- > You received this message because you are subscribed to the Google Groups > "Packer" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/packer-tool/04422e65-4c39-47bc-b9e0-f067f5c95e67%40googlegroups.com > <https://groups.google.com/d/msgid/packer-tool/04422e65-4c39-47bc-b9e0-f067f5c95e67%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- Alvaro -- This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list. GitHub Issues: https://github.com/mitchellh/packer/issues IRC: #packer-tool on Freenode --- You received this message because you are subscribed to the Google Groups "Packer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/CAHqq0ew5KpKSrKRpS55y9Zuo%3DNFDEtgrp0_KvsCB9yCMgmG6tw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
