Merge pull request #4216 from dave2/gh-3981
amazon-import: support AMI attributes on import
This commit is contained in:
commit
572493e9b4
|
@ -26,11 +26,14 @@ type Config struct {
|
|||
awscommon.AccessConfig `mapstructure:",squash"`
|
||||
|
||||
// Variables specific to this post processor
|
||||
S3Bucket string `mapstructure:"s3_bucket_name"`
|
||||
S3Key string `mapstructure:"s3_key_name"`
|
||||
SkipClean bool `mapstructure:"skip_clean"`
|
||||
Tags map[string]string `mapstructure:"tags"`
|
||||
Name string `mapstructure:"ami_name"`
|
||||
S3Bucket string `mapstructure:"s3_bucket_name"`
|
||||
S3Key string `mapstructure:"s3_key_name"`
|
||||
SkipClean bool `mapstructure:"skip_clean"`
|
||||
Tags map[string]string `mapstructure:"tags"`
|
||||
Name string `mapstructure:"ami_name"`
|
||||
Description string `mapstructure:"ami_description"`
|
||||
Users []string `mapstructure:"ami_users"`
|
||||
Groups []string `mapstrcuture:"ami_groups"`
|
||||
|
||||
ctx interpolate.Context
|
||||
}
|
||||
|
@ -304,6 +307,60 @@ func (p *PostProcessor) PostProcess(ui packer.Ui, artifact packer.Artifact) (pac
|
|||
|
||||
}
|
||||
|
||||
// Apply atttributes for AMI specified in config
|
||||
// (duped from builder/amazon/common/step_modify_ami_attributes.go)
|
||||
options := make(map[string]*ec2.ModifyImageAttributeInput)
|
||||
if p.config.Description != "" {
|
||||
options["description"] = &ec2.ModifyImageAttributeInput{
|
||||
Description: &ec2.AttributeValue{Value: &p.config.Description},
|
||||
}
|
||||
}
|
||||
|
||||
if len(p.config.Groups) > 0 {
|
||||
groups := make([]*string, len(p.config.Groups))
|
||||
adds := make([]*ec2.LaunchPermission, len(p.config.Groups))
|
||||
addGroups := &ec2.ModifyImageAttributeInput{
|
||||
LaunchPermission: &ec2.LaunchPermissionModifications{},
|
||||
}
|
||||
|
||||
for i, g := range p.config.Groups {
|
||||
groups[i] = aws.String(g)
|
||||
adds[i] = &ec2.LaunchPermission{
|
||||
Group: aws.String(g),
|
||||
}
|
||||
}
|
||||
addGroups.UserGroups = groups
|
||||
addGroups.LaunchPermission.Add = adds
|
||||
|
||||
options["groups"] = addGroups
|
||||
}
|
||||
|
||||
if len(p.config.Users) > 0 {
|
||||
users := make([]*string, len(p.config.Users))
|
||||
adds := make([]*ec2.LaunchPermission, len(p.config.Users))
|
||||
for i, u := range p.config.Users {
|
||||
users[i] = aws.String(u)
|
||||
adds[i] = &ec2.LaunchPermission{UserId: aws.String(u)}
|
||||
}
|
||||
options["users"] = &ec2.ModifyImageAttributeInput{
|
||||
UserIds: users,
|
||||
LaunchPermission: &ec2.LaunchPermissionModifications{
|
||||
Add: adds,
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
if len(options) > 0 {
|
||||
for name, input := range options {
|
||||
ui.Message(fmt.Sprintf("Modifying: %s", name))
|
||||
input.ImageId = &createdami
|
||||
_, err := ec2conn.ModifyImageAttribute(input)
|
||||
if err != nil {
|
||||
return nil, false, fmt.Errorf("Error modifying AMI attributes: %s", err)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Add the reported AMI ID to the artifact list
|
||||
log.Printf("Adding created AMI ID %s in region %s to output artifacts", createdami, *config.Region)
|
||||
artifact = &awscommon.Artifact{
|
||||
|
|
|
@ -51,6 +51,12 @@ Optional:
|
|||
- `tags` (object of key/value strings) - Tags applied to the created AMI and
|
||||
relevant snapshots.
|
||||
|
||||
- `ami_users` (array of strings) - A list of account IDs that have access to launch the imported AMI. By default no additional users other than the user importing the AMI has permission to launch it.
|
||||
|
||||
- `ami_groups` (array of strings) - A list of groups that have access to launch the imported AMI. By default no groups have permission to launch the AMI. `all` will make the AMI publically accessible. AWS currently doesn't accept any value other than "all".
|
||||
|
||||
- `ami_description` (string) - The description to set for the resulting imported AMI. By default this description is generated by the AMI import process.
|
||||
|
||||
## Basic Example
|
||||
|
||||
Here is a basic example. This assumes that the builder has produced an OVA artifact for us to work with, and IAM roles for import exist in the AWS account being imported into.
|
||||
|
|
Loading…
Reference in New Issue