From cea2ab8c6d71ec93c91269610c0bd7f72de6c838 Mon Sep 17 00:00:00 2001
From: Matthew Hooker <mwhooker@gmail.com>
Date: Fri, 12 Jan 2018 15:10:51 -0800
Subject: [PATCH] move kms/encrypted validation to block devices

---
 builder/amazon/common/block_device.go | 22 +++++++++++++++++++++-
 builder/amazon/ebsvolume/builder.go   |  9 ++++-----
 2 files changed, 25 insertions(+), 6 deletions(-)

diff --git a/builder/amazon/common/block_device.go b/builder/amazon/common/block_device.go
index cb490c3d4..c88e1cbb5 100644
--- a/builder/amazon/common/block_device.go
+++ b/builder/amazon/common/block_device.go
@@ -1,6 +1,7 @@
 package common
 
 import (
+	"fmt"
 	"strings"
 
 	"github.com/aws/aws-sdk-go/aws"
@@ -86,10 +87,29 @@ func buildBlockDevices(b []BlockDevice) []*ec2.BlockDeviceMapping {
 	return blockDevices
 }
 
-func (b *BlockDevices) Prepare(ctx *interpolate.Context) []error {
+func (b *BlockDevice) Prepare(ctx *interpolate.Context) error {
+	// Warn that encrypted must be true when setting kms_key_id
+	if b.KmsKeyId != "" && b.Encrypted == false {
+		return fmt.Errorf("The device %v, must also have `encrypted: "+
+			"true` when setting a kms_key_id.", b.DeviceName)
+	}
 	return nil
 }
 
+func (b *BlockDevices) Prepare(ctx *interpolate.Context) (errs []error) {
+	for _, d := range b.AMIMappings {
+		if err := d.Prepare(ctx); err != nil {
+			errs = append(errs, fmt.Errorf("AMIMapping: %s", err.Error()))
+		}
+	}
+	for _, d := range b.LaunchMappings {
+		if err := d.Prepare(ctx); err != nil {
+			errs = append(errs, fmt.Errorf("LaunchMapping: %s", err.Error()))
+		}
+	}
+	return errs
+}
+
 func (b *AMIBlockDevices) BuildAMIDevices() []*ec2.BlockDeviceMapping {
 	return buildBlockDevices(b.AMIMappings)
 }
diff --git a/builder/amazon/ebsvolume/builder.go b/builder/amazon/ebsvolume/builder.go
index d8f905f6c..b95af11f8 100644
--- a/builder/amazon/ebsvolume/builder.go
+++ b/builder/amazon/ebsvolume/builder.go
@@ -56,12 +56,11 @@ func (b *Builder) Prepare(raws ...interface{}) ([]string, error) {
 	var errs *packer.MultiError
 	errs = packer.MultiErrorAppend(errs, b.config.AccessConfig.Prepare(&b.config.ctx)...)
 	errs = packer.MultiErrorAppend(errs, b.config.RunConfig.Prepare(&b.config.ctx)...)
+	errs = packer.MultiErrorAppend(errs, b.config.launchBlockDevices.Prepare(&b.config.ctx)...)
 
-	// Warn that encrypted must be true when setting kms_key_id
-	for _, device := range b.config.VolumeMappings {
-		if device.KmsKeyId != "" && device.Encrypted == false {
-			errs = packer.MultiErrorAppend(errs, fmt.Errorf("The device %v, must also have `encrypted: "+
-				"true` when setting a kms_key_id.", device.DeviceName))
+	for _, d := range b.config.VolumeMappings {
+		if err := d.Prepare(&b.config.ctx); err != nil {
+			errs = packer.MultiErrorAppend(errs, fmt.Errorf("AMIMapping: %s", err.Error()))
 		}
 	}