move snapshot deletion to cleanup; this allows people with tag-specific permissions to perform snapshot deletion operation

This commit is contained in:
Megan Marsh 2019-02-25 11:55:32 -08:00
parent 1c3bc70b12
commit 026e543b24
1 changed files with 15 additions and 11 deletions

View File

@ -17,6 +17,7 @@ type StepCreateEncryptedAMICopy struct {
EncryptBootVolume bool
Name string
AMIMappings []BlockDevice
ToDelete []*string
}
func (s *StepCreateEncryptedAMICopy) Run(ctx context.Context, state multistep.StateBag) multistep.StepAction {
@ -107,8 +108,7 @@ func (s *StepCreateEncryptedAMICopy) Run(ctx context.Context, state multistep.St
return multistep.ActionHalt
}
// Remove associated unencrypted snapshot(s)
ui.Say("Deleting unencrypted snapshots")
// Figure out which unencrypted snapshot(s) to delete
snapshots := state.Get("snapshots").(map[string][]string)
OuterLoop:
@ -121,15 +121,7 @@ OuterLoop:
continue OuterLoop
}
}
ui.Message(fmt.Sprintf("Deleting Snapshot ID: %s", *blockDevice.Ebs.SnapshotId))
deleteSnapOpts := &ec2.DeleteSnapshotInput{
SnapshotId: aws.String(*blockDevice.Ebs.SnapshotId),
}
if _, err := ec2conn.DeleteSnapshot(deleteSnapOpts); err != nil {
ui.Error(fmt.Sprintf("Error deleting snapshot, may still be around: %s", err))
return multistep.ActionHalt
}
s.ToDelete = append(s.ToDelete, aws.String(*blockDevice.Ebs.SnapshotId))
}
}
@ -171,4 +163,16 @@ func (s *StepCreateEncryptedAMICopy) Cleanup(state multistep.StateBag) {
ui.Error(fmt.Sprintf("Error deregistering AMI, may still be around: %s", err))
return
}
ui.Say("Deleting unencrypted snapshots")
for _, snap := range s.ToDelete {
ui.Message(fmt.Sprintf("Deleting Snapshot ID: %s", *snap))
deleteSnapOpts := &ec2.DeleteSnapshotInput{
SnapshotId: snap,
}
if _, err := ec2conn.DeleteSnapshot(deleteSnapOpts); err != nil {
ui.Error(fmt.Sprintf("Error deleting snapshot, may still be around: %s", err))
return
}
}
}