added the option to skip IAM instance profile validation (#8457)

2019-12-10 10:17:39 +02:00 · 2019-12-10 10:17:39 +02:00 · 5e81c6f44e
parent a828a6a4e0
commit 5e81c6f44e
8 changed files with 23 additions and 10 deletions
--- a/builder/amazon/common/run_config.go
+++ b/builder/amazon/common/run_config.go
@ -145,6 +145,8 @@ type RunConfig struct {
 	// profile](https://docs.aws.amazon.com/IAM/latest/UserGuide/instance-profiles.html)
 	// to launch the EC2 instance with.
 	IamInstanceProfile string `mapstructure:"iam_instance_profile" required:"false"`
+	// Whether or not to check if the IAM instance profile exists. Defaults to false
+	SkipProfileValidation bool `mapstructure:"skip_profile_validation" required:"false"`
 	// Temporary IAM instance profile policy document
 	// If IamInstanceProfile is specified it will be used instead. Example:
 	//
--- a/builder/amazon/common/step_iam_instance_profile.go
+++ b/builder/amazon/common/step_iam_instance_profile.go
@ -16,6 +16,7 @@ import (

 type StepIamInstanceProfile struct {
 	IamInstanceProfile                        string
+	SkipProfileValidation                     bool
 	TemporaryIamInstanceProfilePolicyDocument *PolicyDocument
 	createdInstanceProfileName                string
 	createdRoleName                           string
@ -30,16 +31,18 @@ func (s *StepIamInstanceProfile) Run(ctx context.Context, state multistep.StateB
 	state.Put("iamInstanceProfile", "")

 	if len(s.IamInstanceProfile) > 0 {
-		_, err := iamsvc.GetInstanceProfile(
-			&iam.GetInstanceProfileInput{
-				InstanceProfileName: aws.String(s.IamInstanceProfile),
-			},
-		)
-		if err != nil {
-			err := fmt.Errorf("Couldn't find specified instance profile: %s", err)
-			log.Printf("[DEBUG] %s", err.Error())
-			state.Put("error", err)
-			return multistep.ActionHalt
+		if !s.SkipProfileValidation {
+			_, err := iamsvc.GetInstanceProfile(
+				&iam.GetInstanceProfileInput{
+					InstanceProfileName: aws.String(s.IamInstanceProfile),
+				},
+			)
+			if err != nil {
+				err := fmt.Errorf("Couldn't find specified instance profile: %s", err)
+				log.Printf("[DEBUG] %s", err.Error())
+				state.Put("error", err)
+				return multistep.ActionHalt
+			}
 		}
 		log.Printf("Using specified instance profile: %v", s.IamInstanceProfile)
 		state.Put("iamInstanceProfile", s.IamInstanceProfile)
--- a/builder/amazon/ebs/builder.go
+++ b/builder/amazon/ebs/builder.go
@ -234,6 +234,7 @@ func (b *Builder) Run(ctx context.Context, ui packer.Ui, hook packer.Hook) (pack
 		},
 		&awscommon.StepIamInstanceProfile{
 			IamInstanceProfile:                        b.config.IamInstanceProfile,
+			SkipProfileValidation:                     b.config.SkipProfileValidation,
 			TemporaryIamInstanceProfilePolicyDocument: b.config.TemporaryIamInstanceProfilePolicyDocument,
 		},
 		&awscommon.StepCleanupVolumes{
--- a/builder/amazon/ebs/builder.hcl2spec.go
+++ b/builder/amazon/ebs/builder.hcl2spec.go
@ -55,6 +55,7 @@ type FlatConfig struct {
 	EbsOptimized                              *bool                                  `mapstructure:"ebs_optimized" required:"false" cty:"ebs_optimized"`
 	EnableT2Unlimited                         *bool                                  `mapstructure:"enable_t2_unlimited" required:"false" cty:"enable_t2_unlimited"`
 	IamInstanceProfile                        *string                                `mapstructure:"iam_instance_profile" required:"false" cty:"iam_instance_profile"`
+	SkipProfileValidation                     *bool                                  `mapstructure:"skip_profile_validation" required:"false" cty:"skip_profile_validation"`
 	TemporaryIamInstanceProfilePolicyDocument *common.FlatPolicyDocument             `mapstructure:"temporary_iam_instance_profile_policy_document" required:"false" cty:"temporary_iam_instance_profile_policy_document"`
 	InstanceInitiatedShutdownBehavior         *string                                `mapstructure:"shutdown_behavior" required:"false" cty:"shutdown_behavior"`
 	InstanceType                              *string                                `mapstructure:"instance_type" required:"true" cty:"instance_type"`
@ -177,6 +178,7 @@ func (*FlatConfig) HCL2Spec() map[string]hcldec.Spec {
 		"ebs_optimized":                 &hcldec.AttrSpec{Name: "ebs_optimized", Type: cty.Bool, Required: false},
 		"enable_t2_unlimited":           &hcldec.AttrSpec{Name: "enable_t2_unlimited", Type: cty.Bool, Required: false},
 		"iam_instance_profile":          &hcldec.AttrSpec{Name: "iam_instance_profile", Type: cty.String, Required: false},
+		"skip_profile_validation":       &hcldec.AttrSpec{Name: "skip_profile_validation", Type: cty.Bool, Required: false},
 		"temporary_iam_instance_profile_policy_document": &hcldec.BlockSpec{TypeName: "temporary_iam_instance_profile_policy_document", Nested: hcldec.ObjectSpec((*common.FlatPolicyDocument)(nil).HCL2Spec())},
 		"shutdown_behavior":                     &hcldec.AttrSpec{Name: "shutdown_behavior", Type: cty.String, Required: false},
 		"instance_type":                         &hcldec.AttrSpec{Name: "instance_type", Type: cty.String, Required: false},
--- a/builder/amazon/ebssurrogate/builder.go
+++ b/builder/amazon/ebssurrogate/builder.go
@ -257,6 +257,7 @@ func (b *Builder) Run(ctx context.Context, ui packer.Ui, hook packer.Hook) (pack
 		},
 		&awscommon.StepIamInstanceProfile{
 			IamInstanceProfile:                        b.config.IamInstanceProfile,
+			SkipProfileValidation:                     b.config.SkipProfileValidation,
 			TemporaryIamInstanceProfilePolicyDocument: b.config.TemporaryIamInstanceProfilePolicyDocument,
 		},
 		&awscommon.StepCleanupVolumes{
--- a/builder/amazon/ebsvolume/builder.go
+++ b/builder/amazon/ebsvolume/builder.go
@ -227,6 +227,7 @@ func (b *Builder) Run(ctx context.Context, ui packer.Ui, hook packer.Hook) (pack
 		},
 		&awscommon.StepIamInstanceProfile{
 			IamInstanceProfile:                        b.config.IamInstanceProfile,
+			SkipProfileValidation:                     b.config.SkipProfileValidation,
 			TemporaryIamInstanceProfilePolicyDocument: b.config.TemporaryIamInstanceProfilePolicyDocument,
 		},
 		instanceStep,
--- a/builder/amazon/instance/builder.go
+++ b/builder/amazon/instance/builder.go
@ -318,6 +318,7 @@ func (b *Builder) Run(ctx context.Context, ui packer.Ui, hook packer.Hook) (pack
 		},
 		&awscommon.StepIamInstanceProfile{
 			IamInstanceProfile:                        b.config.IamInstanceProfile,
+			SkipProfileValidation:                     b.config.SkipProfileValidation,
 			TemporaryIamInstanceProfilePolicyDocument: b.config.TemporaryIamInstanceProfilePolicyDocument,
 		},
 		instanceStep,
--- a/website/source/partials/builder/amazon/common/_RunConfig-not-required.html.md
+++ b/website/source/partials/builder/amazon/common/_RunConfig-not-required.html.md
@ -64,6 +64,8 @@
    profile](https://docs.aws.amazon.com/IAM/latest/UserGuide/instance-profiles.html)
    to launch the EC2 instance with.
    
+-   `skip_profile_validation` (bool) - Whether or not to check if the IAM instance profile exists. Defaults to false
+    
 -   `temporary_iam_instance_profile_policy_document` (\*PolicyDocument) - Temporary IAM instance profile policy document
    If IamInstanceProfile is specified it will be used instead. Example: