amazon: add option for skipping TLS verification

Signed-off-by: Mikhail Ushanov <gm.mephisto@gmail.com>
2017-10-27 16:32:23 +03:00 · 2017-10-27 16:32:23 +03:00 · 4608b5d39d
parent 651be3254d
commit 4608b5d39d
1 changed files with 22 additions and 11 deletions
--- a/builder/amazon/common/access_config.go
+++ b/builder/amazon/common/access_config.go
@ -1,8 +1,10 @@
 package common

 import (
+	"crypto/tls"
 	"fmt"
 	"log"
+	"net/http"
 	"strings"
 	"time"

@ -22,6 +24,7 @@ type AccessConfig struct {
 	AccessKey             string `mapstructure:"access_key"`
 	CustomEndpointEc2     string `mapstructure:"custom_endpoint_ec2"`
 	DecodeAuthZMessages   bool   `mapstructure:"decode_authorization_messages"`
+	InsecureSkipTLSVerify bool   `mapstructure:"insecure_skip_tls_verify"`
 	MFACode               string `mapstructure:"mfa_code"`
 	ProfileName           string `mapstructure:"profile"`
 	RawRegion             string `mapstructure:"region"`
@ -60,6 +63,14 @@ func (c *AccessConfig) Session() (*session.Session, error) {
 		config = config.WithEndpoint(c.CustomEndpointEc2)
 	}

+	if c.InsecureSkipTLSVerify {
+		config := config.WithHTTPClient(cleanhttp.DefaultClient())
+		transport := config.HTTPClient.Transport.(*http.Transport)
+		transport.TLSClientConfig = &tls.Config{
+			InsecureSkipVerify: true,
+		}
+	}
+
 	opts := session.Options{
 		SharedConfigState: session.SharedConfigEnable,
 		Config:            *config,