amazon: Added snapshot_users and snapshot_groups
This commit is contained in:
parent
46f217f255
commit
c3a352955e
|
@ -261,6 +261,8 @@ func (b *Builder) Run(ui packer.Ui, hook packer.Hook, cache packer.Cache) (packe
|
|||
Users: b.config.AMIUsers,
|
||||
Groups: b.config.AMIGroups,
|
||||
ProductCodes: b.config.AMIProductCodes,
|
||||
SnapshotUsers: b.config.SnapshotUsers,
|
||||
SnapshotGroups: b.config.SnapshotGroups,
|
||||
},
|
||||
&awscommon.StepCreateTags{
|
||||
Tags: b.config.AMITags,
|
||||
|
|
|
@ -23,6 +23,8 @@ type AMIConfig struct {
|
|||
AMIEncryptBootVolume bool `mapstructure:"encrypt_boot"`
|
||||
AMIKmsKeyId string `mapstructure:"kms_key_id"`
|
||||
SnapshotTags map[string]string `mapstructure:"snapshot_tags"`
|
||||
SnapshotUsers []string `mapstructure:"snapshot_users"`
|
||||
SnapshotGroups []string `mapstructure:"snapshot_groups"`
|
||||
}
|
||||
|
||||
func (c *AMIConfig) Prepare(ctx *interpolate.Context) []error {
|
||||
|
|
|
@ -13,6 +13,8 @@ import (
|
|||
type StepModifyAMIAttributes struct {
|
||||
Users []string
|
||||
Groups []string
|
||||
SnapshotUsers []string
|
||||
SnapshotGroups []string
|
||||
ProductCodes []string
|
||||
Description string
|
||||
}
|
||||
|
@ -29,6 +31,8 @@ func (s *StepModifyAMIAttributes) Run(state multistep.StateBag) multistep.StepAc
|
|||
valid = valid || (s.Users != nil && len(s.Users) > 0)
|
||||
valid = valid || (s.Groups != nil && len(s.Groups) > 0)
|
||||
valid = valid || (s.ProductCodes != nil && len(s.ProductCodes) > 0)
|
||||
valid = valid || (s.SnapshotUsers != nil && len(s.SnapshotUsers) > 0)
|
||||
valid = valid || (s.SnapshotGroups != nil && len(s.SnapshotGroups) > 0)
|
||||
|
||||
if !valid {
|
||||
return multistep.ActionContinue
|
||||
|
@ -47,32 +51,35 @@ func (s *StepModifyAMIAttributes) Run(state multistep.StateBag) multistep.StepAc
|
|||
|
||||
if len(s.Groups) > 0 {
|
||||
groups := make([]*string, len(s.Groups))
|
||||
|
||||
addsImage := make([]*ec2.LaunchPermission, len(s.Groups))
|
||||
addGroups := &ec2.ModifyImageAttributeInput{
|
||||
LaunchPermission: &ec2.LaunchPermissionModifications{},
|
||||
}
|
||||
|
||||
addsSnapshot := make([]*ec2.CreateVolumePermission, len(s.Groups))
|
||||
addSnapshotGroups := &ec2.ModifySnapshotAttributeInput{
|
||||
CreateVolumePermission: &ec2.CreateVolumePermissionModifications{},
|
||||
}
|
||||
|
||||
for i, g := range s.Groups {
|
||||
groups[i] = aws.String(g)
|
||||
addsImage[i] = &ec2.LaunchPermission{
|
||||
Group: aws.String(g),
|
||||
}
|
||||
}
|
||||
|
||||
addGroups.UserGroups = groups
|
||||
options["groups"] = addGroups
|
||||
}
|
||||
|
||||
if len(s.SnapshotGroups) > 0 {
|
||||
groups := make([]*string, len(s.SnapshotGroups))
|
||||
addsSnapshot := make([]*ec2.CreateVolumePermission, len(s.SnapshotGroups))
|
||||
addSnapshotGroups := &ec2.ModifySnapshotAttributeInput{
|
||||
CreateVolumePermission: &ec2.CreateVolumePermissionModifications{},
|
||||
}
|
||||
|
||||
for i, g := range s.SnapshotGroups {
|
||||
groups[i] = aws.String(g)
|
||||
addsSnapshot[i] = &ec2.CreateVolumePermission{
|
||||
Group: aws.String(g),
|
||||
}
|
||||
}
|
||||
|
||||
addGroups.UserGroups = groups
|
||||
addGroups.LaunchPermission.Add = addsImage
|
||||
options["groups"] = addGroups
|
||||
|
||||
addSnapshotGroups.GroupNames = groups
|
||||
addSnapshotGroups.CreateVolumePermission.Add = addsSnapshot
|
||||
snapshotOptions["groups"] = addSnapshotGroups
|
||||
|
@ -81,11 +88,9 @@ func (s *StepModifyAMIAttributes) Run(state multistep.StateBag) multistep.StepAc
|
|||
if len(s.Users) > 0 {
|
||||
users := make([]*string, len(s.Users))
|
||||
addsImage := make([]*ec2.LaunchPermission, len(s.Users))
|
||||
addsSnapshot := make([]*ec2.CreateVolumePermission, len(s.Users))
|
||||
for i, u := range s.Users {
|
||||
users[i] = aws.String(u)
|
||||
addsImage[i] = &ec2.LaunchPermission{UserId: aws.String(u)}
|
||||
addsSnapshot[i] = &ec2.CreateVolumePermission{UserId: aws.String(u)}
|
||||
}
|
||||
|
||||
options["users"] = &ec2.ModifyImageAttributeInput{
|
||||
|
@ -94,6 +99,15 @@ func (s *StepModifyAMIAttributes) Run(state multistep.StateBag) multistep.StepAc
|
|||
Add: addsImage,
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
if len(s.SnapshotUsers) > 0 {
|
||||
users := make([]*string, len(s.SnapshotUsers))
|
||||
addsSnapshot := make([]*ec2.CreateVolumePermission, len(s.SnapshotUsers))
|
||||
for i, u := range s.SnapshotUsers {
|
||||
users[i] = aws.String(u)
|
||||
addsSnapshot[i] = &ec2.CreateVolumePermission{UserId: aws.String(u)}
|
||||
}
|
||||
|
||||
snapshotOptions["users"] = &ec2.ModifySnapshotAttributeInput{
|
||||
UserIds: users,
|
||||
|
|
|
@ -182,6 +182,8 @@ func (b *Builder) Run(ui packer.Ui, hook packer.Hook, cache packer.Cache) (packe
|
|||
Users: b.config.AMIUsers,
|
||||
Groups: b.config.AMIGroups,
|
||||
ProductCodes: b.config.AMIProductCodes,
|
||||
SnapshotUsers: b.config.SnapshotUsers,
|
||||
SnapshotGroups: b.config.SnapshotGroups,
|
||||
},
|
||||
&awscommon.StepCreateTags{
|
||||
Tags: b.config.AMITags,
|
||||
|
|
|
@ -263,6 +263,8 @@ func (b *Builder) Run(ui packer.Ui, hook packer.Hook, cache packer.Cache) (packe
|
|||
Users: b.config.AMIUsers,
|
||||
Groups: b.config.AMIGroups,
|
||||
ProductCodes: b.config.AMIProductCodes,
|
||||
SnapshotUsers: b.config.SnapshotUsers,
|
||||
SnapshotGroups: b.config.SnapshotGroups,
|
||||
},
|
||||
&awscommon.StepCreateTags{
|
||||
Tags: b.config.AMITags,
|
||||
|
|
|
@ -207,6 +207,17 @@ each category, the available configuration keys are alphabetized.
|
|||
- `skip_region_validation` (boolean) - Set to true if you want to skip
|
||||
validation of the `ami_regions` configuration option. Default `false`.
|
||||
|
||||
- `snapshot_tags` (object of key/value strings) - Tags to apply to snapshot.
|
||||
They will override AMI tags if already applied to snapshot.
|
||||
|
||||
- `snapshot_groups` (array of strings) - A list of groups that have access to
|
||||
create volumes from the snapshot(s). By default no groups have permission to create
|
||||
volumes form the snapshot(s). `all` will make the snapshot publicly accessible.
|
||||
|
||||
- `snapshot_users` (array of strings) - A list of account IDs that have access to
|
||||
create volumes from the snapshot(s). By default no additional users other than the
|
||||
user creating the AMI has permissions to create volumes from the backing snapshot(s).
|
||||
|
||||
- `source_ami_filter` (object) - Filters used to populate the `source_ami` field.
|
||||
Example:
|
||||
|
||||
|
@ -237,9 +248,6 @@ each category, the available configuration keys are alphabetized.
|
|||
- `most_recent` (bool) - Selects the newest created image when true.
|
||||
This is most useful for selecting a daily distro build.
|
||||
|
||||
- `snapshot_tags` (object of key/value strings) - Tags to apply to snapshot.
|
||||
They will override AMI tags if already applied to snapshot.
|
||||
|
||||
- `tags` (object of key/value strings) - Tags applied to the AMI.
|
||||
|
||||
## Basic Example
|
||||
|
|
|
@ -114,9 +114,21 @@ builder.
|
|||
described above. Note that if this is specified, you must omit the
|
||||
`security_group_id`.
|
||||
|
||||
- `shutdown_behaviour` (string) - Automatically terminate instances on shutdown
|
||||
incase packer exits ungracefully. Possible values are "stop" and "terminate",
|
||||
default is stop.
|
||||
|
||||
- `skip_region_validation` (boolean) - Set to true if you want to skip
|
||||
validation of the region configuration option. Defaults to false.
|
||||
|
||||
- `snapshot_groups` (array of strings) - A list of groups that have access to
|
||||
create volumes from the snapshot(s). By default no groups have permission to create
|
||||
volumes form the snapshot(s). `all` will make the snapshot publicly accessible.
|
||||
|
||||
- `snapshot_users` (array of strings) - A list of account IDs that have access to
|
||||
create volumes from the snapshot(s). By default no additional users other than the
|
||||
user creating the AMI has permissions to create volumes from the backing snapshot(s).
|
||||
|
||||
- `source_ami_filter` (object) - Filters used to populate the `source_ami` field.
|
||||
Example:
|
||||
|
||||
|
@ -196,10 +208,6 @@ builder.
|
|||
- `windows_password_timeout` (string) - The timeout for waiting for a Windows
|
||||
password for Windows instances. Defaults to 20 minutes. Example value: "10m"
|
||||
|
||||
- `shutdown_behaviour` (string) - Automatically terminate instances on shutdown
|
||||
incase packer exits ungracefully. Possible values are "stop" and "terminate",
|
||||
default is stop.
|
||||
|
||||
## Basic Example
|
||||
|
||||
```
|
||||
|
|
|
@ -190,9 +190,24 @@ builder.
|
|||
described above. Note that if this is specified, you must omit the
|
||||
`security_group_id`.
|
||||
|
||||
- `shutdown_behaviour` (string) - Automatically terminate instances on shutdown
|
||||
incase packer exits ungracefully. Possible values are "stop" and "terminate",
|
||||
default is stop.
|
||||
|
||||
- `skip_region_validation` (boolean) - Set to true if you want to skip
|
||||
validation of the region configuration option. Default `false`.
|
||||
|
||||
- `snapshot_groups` (array of strings) - A list of groups that have access to
|
||||
create volumes from the snapshot(s). By default no groups have permission to create
|
||||
volumes form the snapshot(s). `all` will make the snapshot publicly accessible.
|
||||
|
||||
- `snapshot_users` (array of strings) - A list of account IDs that have access to
|
||||
create volumes from the snapshot(s). By default no additional users other than the
|
||||
user creating the AMI has permissions to create volumes from the backing snapshot(s).
|
||||
|
||||
- `snapshot_tags` (object of key/value strings) - Tags to apply to snapshot.
|
||||
They will override AMI tags if already applied to snapshot.
|
||||
|
||||
- `source_ami_filter` (object) - Filters used to populate the `source_ami` field.
|
||||
Example:
|
||||
|
||||
|
@ -223,9 +238,6 @@ builder.
|
|||
- `most_recent` (bool) - Selects the newest created image when true.
|
||||
This is most useful for selecting a daily distro build.
|
||||
|
||||
- `snapshot_tags` (object of key/value strings) - Tags to apply to snapshot.
|
||||
They will override AMI tags if already applied to snapshot.
|
||||
|
||||
- `spot_price` (string) - The maximum hourly price to pay for a spot instance
|
||||
to create the AMI. Spot instances are a type of instance that EC2 starts
|
||||
when the current spot price is less than the maximum price you specify. Spot
|
||||
|
@ -287,10 +299,6 @@ builder.
|
|||
- `windows_password_timeout` (string) - The timeout for waiting for a Windows
|
||||
password for Windows instances. Defaults to 20 minutes. Example value: "10m"
|
||||
|
||||
- `shutdown_behaviour` (string) - Automatically terminate instances on shutdown
|
||||
incase packer exits ungracefully. Possible values are "stop" and "terminate",
|
||||
default is stop.
|
||||
|
||||
## Basic Example
|
||||
|
||||
Here is a basic example. You will need to provide access keys, and may need to change the AMI IDs according to what images exist at the time the template is run:
|
||||
|
|
|
@ -207,6 +207,14 @@ builder.
|
|||
- `skip_region_validation` (boolean) - Set to true if you want to skip
|
||||
validation of the region configuration option. Default `false`.
|
||||
|
||||
- `snapshot_groups` (array of strings) - A list of groups that have access to
|
||||
create volumes from the snapshot(s). By default no groups have permission to create
|
||||
volumes form the snapshot(s). `all` will make the snapshot publicly accessible.
|
||||
|
||||
- `snapshot_users` (array of strings) - A list of account IDs that have access to
|
||||
create volumes from the snapshot(s). By default no additional users other than the
|
||||
user creating the AMI has permissions to create volumes from the backing snapshot(s).
|
||||
|
||||
- `source_ami_filter` (object) - Filters used to populate the `source_ami` field.
|
||||
Example:
|
||||
|
||||
|
|
Loading…
Reference in New Issue