Hi Shashank,
I can give you part of my packer file so that you can understand how things
are working. I am using winrm as a communicator and chef-solo to execute
hardening cookbooks.
{
"variables": {
....
},
"builders": [
{
"type": "amazon-ebs",
"region": "{{user `aws_region`}}",
....
"communicator": "winrm",
"winrm_username": "{{user `winrm_username`}}",
"winrm_password": "{{user `winrm_password`}}",
"winrm_use_ssl": true,
"winrm_insecure": true,
....
}
],
"provisioners": [
{
"type": "powershell",
"scripts": ["scripts/InstallAWSCli.ps1"],
....
},
{
"type": "powershell",
"inline": [
"setx AWS_DEFAULT_REGION \"{{user `aws_region`}}\" /M"]
},
{
"type": "powershell",
"scripts": ["scripts/InstallChefdk.ps1"],
....
},
{
"type": "powershell",
"script": "scripts/DownloadCookbooks.ps1",
....
},
{
"type": "chef-solo",
"guest_os_type": "windows",
"skip_install": true,
"execute_command": "c:/opscode/chefdk/bin/chef-solo.bat --chef-license
accept --no-color -c {{.ConfigPath}} -j {{.JsonPath}}",
"remote_cookbook_paths": ["C:/chef-repo/cookbooks"],
"run_list": [
"CIS-Hardening"
]
},
{
"type": "windows-restart",
"timeout": "15m"
},
{
"type": "powershell",
"inline": [
"C:\\ProgramData\\Amazon\\EC2-Windows\\Launch\\Scripts\\InitializeInstance.ps1
-Schedule",
"C:\\ProgramData\\Amazon\\EC2-Windows\\Launch\\Scripts\\SysprepInstance.ps1
-NoShutdown"
]
}
],
"post-processors": [
{
"type": "manifest",
"output": "output/manifest-{{timestamp}}.json"
}
]
}
You can also share your packer so that I can get to know what things you
are using.
On Thursday, May 30, 2019 at 1:50:41 AM UTC+5:30, Shashank wrote:
>
> Can you send me your packer. I am also hardening windows server 2016
> following CIS benchmarks. Hope I can help. I am using ssh for connection.
> Are you using win-rm or ssh?
>
> On Wednesday, May 29, 2019 at 9:26:56 PM UTC+5:30, Deval Ganatra wrote:
>>
>> Hi all,
>> I am trying to create AMI for CIS benchmark hardening. Other things are
>> working fine except windows-restart provisioner. As restart is necessary in
>> windows to complete so many things, I am trying to restart instance before
>> creating AMI. Can anyone help me with that?
>>
>
--
--
This mailing list is governed under the HashiCorp Community Guidelines -
https://www.hashicorp.com/community-guidelines.html. Behavior in violation of
those guidelines may result in your removal from this mailing list.
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups
"Packer" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/packer-tool/58d4d29a-5c7d-4e42-ad58-9ea9246c113e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
