iSharkFly-Docs
/
packer-cn
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update index.mdx 

While trying to get packer to:

1. Assume a role
2. use `auto` price for spot instances
2. Assign an instance profile to the provisioned instance, I hit this error:

```
The provided credentials do not have permission to create the service-linked role for EC2 Spot Instances.
```

Adding the `iam:CreateServiceLinkedRole` entitlement to the role that packer assumes was all I needed to do.
This commit is contained in:
kiddom-kq 2021-02-26 12:15:15 -08:00 committed by GitHub
parent 1c6daa23ac
commit 824fe13bd5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
website/content/docs/builders/amazon/index.mdx
View File

@ -257,6 +257,17 @@ work, but specifics will depend on your use-case.
}
```
If using an existing instance profile with spot instances/spot pricing, the `iam:CreateServiceLinkedRole` action is also required:
```json
{
"Sid": "PackerIAMPassRole",
"Effect": "Allow",
"Action": ["iam:PassRole", "iam:GetInstanceProfile", "iam:CreateServiceLinkedRole"],
"Resource": ["*"]
}
```
In case when you're creating a temporary instance profile you will require to have following
IAM policies.