2013-08-09 01:50:23 -04:00
|
|
|
package common
|
|
|
|
|
|
|
|
import (
|
|
|
|
"fmt"
|
2017-04-04 21:02:23 -04:00
|
|
|
|
2017-04-04 16:39:01 -04:00
|
|
|
"github.com/hashicorp/packer/template/interpolate"
|
2013-08-09 01:50:23 -04:00
|
|
|
)
|
|
|
|
|
|
|
|
// AMIConfig is for common configuration related to creating AMIs.
|
|
|
|
type AMIConfig struct {
|
2016-06-06 14:37:09 -04:00
|
|
|
AMIName string `mapstructure:"ami_name"`
|
|
|
|
AMIDescription string `mapstructure:"ami_description"`
|
|
|
|
AMIVirtType string `mapstructure:"ami_virtualization_type"`
|
|
|
|
AMIUsers []string `mapstructure:"ami_users"`
|
|
|
|
AMIGroups []string `mapstructure:"ami_groups"`
|
|
|
|
AMIProductCodes []string `mapstructure:"ami_product_codes"`
|
|
|
|
AMIRegions []string `mapstructure:"ami_regions"`
|
|
|
|
AMISkipRegionValidation bool `mapstructure:"skip_region_validation"`
|
|
|
|
AMITags map[string]string `mapstructure:"tags"`
|
|
|
|
AMIEnhancedNetworking bool `mapstructure:"enhanced_networking"`
|
|
|
|
AMIForceDeregister bool `mapstructure:"force_deregister"`
|
2016-11-30 16:28:34 -05:00
|
|
|
AMIForceDeleteSnapshot bool `mapstructure:"force_delete_snapshot"`
|
2016-03-23 13:35:47 -04:00
|
|
|
AMIEncryptBootVolume bool `mapstructure:"encrypt_boot"`
|
2016-10-18 08:30:38 -04:00
|
|
|
AMIKmsKeyId string `mapstructure:"kms_key_id"`
|
2017-05-25 17:42:03 -04:00
|
|
|
AMIRegionKmsKeyIds map[string]string `mapstructure:"region_kms_key_ids"`
|
2016-10-16 22:19:55 -04:00
|
|
|
SnapshotTags map[string]string `mapstructure:"snapshot_tags"`
|
2016-12-02 03:49:21 -05:00
|
|
|
SnapshotUsers []string `mapstructure:"snapshot_users"`
|
|
|
|
SnapshotGroups []string `mapstructure:"snapshot_groups"`
|
2013-08-09 01:50:23 -04:00
|
|
|
}
|
|
|
|
|
2017-05-25 17:42:03 -04:00
|
|
|
func stringInSlice(searchstr string, searchslice []string) bool {
|
|
|
|
for _, item := range searchslice {
|
|
|
|
if item == searchstr {
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
2015-05-27 14:35:56 -04:00
|
|
|
func (c *AMIConfig) Prepare(ctx *interpolate.Context) []error {
|
|
|
|
var errs []error
|
2013-08-09 01:50:23 -04:00
|
|
|
if c.AMIName == "" {
|
|
|
|
errs = append(errs, fmt.Errorf("ami_name must be specified"))
|
|
|
|
}
|
|
|
|
|
2013-08-21 21:44:14 -04:00
|
|
|
if len(c.AMIRegions) > 0 {
|
2013-08-22 17:58:21 -04:00
|
|
|
regionSet := make(map[string]struct{})
|
|
|
|
regions := make([]string, 0, len(c.AMIRegions))
|
|
|
|
|
2013-08-21 21:44:14 -04:00
|
|
|
for _, region := range c.AMIRegions {
|
2013-08-22 17:58:21 -04:00
|
|
|
// If we already saw the region, then don't look again
|
|
|
|
if _, ok := regionSet[region]; ok {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
|
|
|
// Mark that we saw the region
|
|
|
|
regionSet[region] = struct{}{}
|
|
|
|
|
2016-06-07 09:21:43 -04:00
|
|
|
if !c.AMISkipRegionValidation {
|
|
|
|
// Verify the region is real
|
2017-03-28 21:29:55 -04:00
|
|
|
if valid := ValidateRegion(region); !valid {
|
2016-06-06 14:17:12 -04:00
|
|
|
errs = append(errs, fmt.Errorf("Unknown region: %s", region))
|
|
|
|
continue
|
|
|
|
}
|
2013-08-21 21:44:14 -04:00
|
|
|
}
|
2013-08-22 17:58:21 -04:00
|
|
|
|
2017-05-25 17:42:03 -04:00
|
|
|
// Make sure that if we have region_kms_key_ids defined the regions in ami_regions are also in region_kms_key_ids
|
|
|
|
if len(c.AMIRegionKmsKeyIds) > 0 {
|
2017-05-31 15:27:45 -04:00
|
|
|
regionsInKeyMap := make([]string, 0, len(c.AMIRegionKmsKeyIds))
|
2017-05-25 17:42:03 -04:00
|
|
|
for reg := range c.AMIRegionKmsKeyIds {
|
2017-05-31 15:27:45 -04:00
|
|
|
regionsInKeyMap = append(regionsInKeyMap, reg)
|
2017-05-25 17:42:03 -04:00
|
|
|
}
|
2017-05-31 15:27:45 -04:00
|
|
|
if regionsMatch := stringInSlice(region, regionsInKeyMap); !regionsMatch {
|
2017-05-25 17:42:03 -04:00
|
|
|
errs = append(errs, fmt.Errorf("Region %s is in ami_regions but not in region_kms_key_ids", region))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2013-08-22 17:58:21 -04:00
|
|
|
regions = append(regions, region)
|
2013-08-21 21:44:14 -04:00
|
|
|
}
|
2013-08-22 17:58:21 -04:00
|
|
|
|
|
|
|
c.AMIRegions = regions
|
2013-08-21 21:44:14 -04:00
|
|
|
}
|
2017-05-25 17:42:03 -04:00
|
|
|
// Make sure that if we have region_kms_key_ids defined the regions in region_kms_key_ids are also in ami_regions
|
|
|
|
if len(c.AMIRegionKmsKeyIds) > 0 {
|
2017-05-31 15:27:45 -04:00
|
|
|
for kmsKeyRegion := range c.AMIRegionKmsKeyIds {
|
|
|
|
if regionsMatch := stringInSlice(kmsKeyRegion, c.AMIRegions); !regionsMatch {
|
|
|
|
errs = append(errs, fmt.Errorf("Region %s is in region_kms_key_ids but not in ami_regions", kmsKeyRegion))
|
2017-05-25 17:42:03 -04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2013-08-21 21:44:14 -04:00
|
|
|
|
2016-12-04 09:14:53 -05:00
|
|
|
if len(c.AMIUsers) > 0 && c.AMIEncryptBootVolume {
|
|
|
|
errs = append(errs, fmt.Errorf("Cannot share AMI with encrypted boot volume"))
|
2016-05-12 12:21:44 -04:00
|
|
|
}
|
|
|
|
|
2017-05-25 17:42:03 -04:00
|
|
|
if len(c.SnapshotUsers) > 0 {
|
|
|
|
if len(c.AMIKmsKeyId) == 0 && c.AMIEncryptBootVolume {
|
|
|
|
errs = append(errs, fmt.Errorf("Cannot share snapshot encrypted with default KMS key"))
|
|
|
|
}
|
|
|
|
if len(c.AMIRegionKmsKeyIds) > 0 {
|
2017-05-31 15:27:45 -04:00
|
|
|
for _, kmsKeyRegion := range c.AMIRegionKmsKeyIds {
|
|
|
|
if len(kmsKeyRegion) == 0 {
|
2017-05-25 17:42:03 -04:00
|
|
|
errs = append(errs, fmt.Errorf("Cannot share snapshot encrypted with default KMS key"))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2016-12-04 14:18:27 -05:00
|
|
|
}
|
|
|
|
|
2017-04-04 20:46:44 -04:00
|
|
|
if len(c.AMIName) < 3 || len(c.AMIName) > 128 {
|
|
|
|
errs = append(errs, fmt.Errorf("AMIName must be between 3 and 128 characters long"))
|
|
|
|
}
|
|
|
|
|
2017-05-19 05:11:43 -04:00
|
|
|
if c.AMIName != templateCleanAMIName(c.AMIName) {
|
|
|
|
errs = append(errs, fmt.Errorf("AMIName should only contain "+
|
|
|
|
"alphanumeric characters, parentheses (()), square brackets ([]), spaces "+
|
|
|
|
"( ), periods (.), slashes (/), dashes (-), single quotes ('), at-signs "+
|
|
|
|
"(@), or underscores(_). You can use the `clean_ami_name` template "+
|
|
|
|
"filter to automatically clean your ami name."))
|
2017-04-04 20:46:44 -04:00
|
|
|
}
|
|
|
|
|
2013-08-09 01:50:23 -04:00
|
|
|
if len(errs) > 0 {
|
|
|
|
return errs
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|