Commit Graph

622 Commits

Author SHA1 Message Date
Adrien Delorme f535464097 up a test 2019-02-27 11:17:56 +01:00
Adrien Delorme f03cbd8a10 aws: allow to pass nil bool as encryption parameter
to retain current encryption settings

this changes the fields :
* ami_config.encrypt_boot
* block_device.encrypted

This also removes StepCreateEncryptedAMICopy as this step is now done in StepAMIRegionCopy
2019-02-27 11:17:56 +01:00
Adrien Delorme ce8532e94b aws: document ValidateRegion better 2019-02-27 11:17:08 +01:00
Adrien Delorme 6af621c37a aws: StepAMIRegionCopy call waitgroup.add only once 2019-02-27 11:17:08 +01:00
Michael F 01a0b0c766 kmsArnStartPattern - fix support for aws-us-gov
While the `kmsArnStartPattern` regexp supports `us-gov` as a region, it does not take the AWS partition into consideration.
For more info see https://docs.aws.amazon.com/govcloud-us/latest/ug-east/using-govcloud-arns.html

Added test case for AWS partition us-gov as well as a negative test case for a non-existing AWS partition.
2019-02-26 16:54:54 -08:00
Megan Marsh 026e543b24 move snapshot deletion to cleanup; this allows people with tag-specific permissions to perform snapshot deletion operation 2019-02-25 17:01:19 -08:00
Megan Marsh 2a613dd6e9 fix up the github suggestion 2019-02-11 11:49:17 -08:00
Adrien Delorme 3ae5a912d4
Update builder/amazon/common/step_pre_validate.go
Co-Authored-By: SwampDragons <megan@hashicorp.com>
2019-02-11 11:41:58 -08:00
Megan Marsh 3704a053d0 move region validation and credential wait into step pre validate 2019-02-05 14:07:04 -08:00
Megan Marsh 8add176ab7 finish first pass at vault code; needs testing and cleanup of error messages 2019-02-04 15:54:14 -08:00
Megan Marsh 7a78b47e83 make vault engine stuff into a little struct for easier management 2019-02-04 15:29:45 -08:00
Megan Marsh 035c3506ba manually set proxyfromenvironment in default http client for ec2 sessions 2019-01-25 12:33:25 -08:00
Adrien Delorme 4a2773f8fa remove default max retries config of 8, it will now be used from env
removing the code that wants to guess region from metadata allows us to change that setting, which can now be taken from environment.
2019-01-25 13:51:02 +01:00
Adrien Delorme 964b149df2 aws: remove now unused AccessConfig.metadataRegion 2019-01-25 13:03:14 +01:00
Adrien Delorme 335f442b51 aws: unwrap AccessConfig.region func
* it was used only in the Session() call.
* default region guessing from metadata should happen in the SDK, not 'manually'
2019-01-25 13:02:42 +01:00
Adrien Delorme 54af9951a8 make guard clauses to clearly see success pass 2019-01-25 13:00:21 +01:00
Adrien Delorme 0864b4d07b name unclear import 2019-01-25 12:59:43 +01:00
Megan Marsh e0543246fa remove commented code 2019-01-16 11:05:11 -08:00
Megan Marsh 783ed32e7e fix region stuff 2019-01-16 11:02:58 -08:00
Megan Marsh ee2e5cc874
Merge pull request #7080 from hashicorp/do_6508
Move logging about aws waiters to the access config prepare() so that…
2018-12-12 15:42:37 -08:00
Tom Elliff 12bf7fc4d6 Check that the KMS key ID is valid
KMS key IDs can be given as either a raw key ID, an alias (always prefixed with 'alias/'), the full ARN to the KMS key ID or the full ARN to the KMS key alias.

Should help with https://github.com/hashicorp/packer/issues/6599 but probably isn't enough to fully close it.
2018-12-12 11:41:58 +00:00
Megan Marsh 042e9ad14b Move logging about aws waiters to the access config prepare() so that it's only spit out once per builder. 2018-12-06 14:37:31 -08:00
Megan Marsh da6e350949 fix tests 2018-11-20 15:20:01 -08:00
Megan Marsh fbb3d526e3 move region validation to run so that we don't break validation when we don't have aws creds set 2018-11-20 15:01:28 -08:00
Mikhail Ushanov 536252683e builders: reuse private key file reading function
Signed-off-by: Mikhail Ushanov <gm.mephisto@gmail.com>
2018-11-08 14:25:50 +03:00
Megan Marsh 79862f1bbb
Merge pull request #6931 from hashicorp/fix_6919
aws: better error handling of region/credential guessing from metadata
2018-11-05 11:24:09 -08:00
Adrien Delorme 3f288fc6ca aws client: config.WithMaxRetries(8) 2018-11-01 15:09:07 +01:00
Mikhail Ushanov 4608b5d39d amazon: add option for skipping TLS verification
Signed-off-by: Mikhail Ushanov <gm.mephisto@gmail.com>
2018-10-29 21:35:29 +03:00
Adrien Delorme f4fbf45349 remove duplicate region check error 2018-10-26 17:44:56 +02:00
Adrien Delorme 16aa21dffe aws: better error handling of region guessing from metadata
* this will fix #6919
2018-10-26 12:24:10 +02:00
Adrien Delorme ed793a8fb8 make ValidateRegion a member of *AccessConfig and make it variadic 2018-10-24 11:26:53 +02:00
Megan Marsh fe044d8ff7 fix tests 2018-10-23 13:31:56 -07:00
Megan Marsh 340009009d Revert "Revert "Merge pull request #6892 from hashicorp/fix_6890""
This reverts commit 0cd3f36d50.
2018-10-23 09:58:27 -07:00
Megan Marsh 0cd3f36d50 Revert "Merge pull request #6892 from hashicorp/fix_6890"
This reverts commit 1c4062c316, reversing
changes made to 9bc41a23b9.
2018-10-23 09:34:05 -07:00
Megan Marsh 0924a316b7 fix template-set credentials
update tests with mocked session
2018-10-22 13:53:40 -07:00
Megan Marsh 9573013d3a
Merge pull request #6872 from aspectcapital/disable-ena-support
Add support to explicitly disable ENA support
2018-10-19 10:54:38 -07:00
Matt Dainty feb8067c7d Convert `ena_support` to a pointer
This means it now has three states, `true`, `false`, & `nil`. The
default state is now `nil` which does nothing instead of `false` which
now will explicitly disable ENA support instead of just not enabling it.
2018-10-19 12:40:43 +01:00
Megan Marsh 57f87f58b9
Merge pull request #6374 from rickard-von-essen/aws-filters
builder/amazon: Add suppport for vpc_filter, subnet_filter, and security_group_filter
2018-10-18 14:34:02 -07:00
Megan Marsh 2266514408
Merge pull request #6843 from gmmephisto/pr-master-aws-security-group
aws: wait for temporary security group before authorize rules
2018-10-17 14:08:49 -07:00
Megan Marsh e7d3a30c0e
Merge pull request #6865 from hashicorp/fix_6862
Fix 6862
2018-10-17 13:07:29 -07:00
Mikhail Ushanov 00c96fc400 aws: use IpPermissions for authorizing temporary security group
Signed-off-by: Mikhail Ushanov <gm.mephisto@gmail.com>
2018-10-17 22:00:25 +03:00
Mikhail Ushanov b316be51cd aws: wait for temporary security group before authorizing
Signed-off-by: Mikhail Ushanov <gm.mephisto@gmail.com>
2018-10-17 22:00:24 +03:00
Megan Marsh b0cfecf314 remove unnecessary valid flag 2018-10-17 11:03:31 -07:00
Matt Dainty 9e0fae9db3 Add support to explicitly disable ENA support
If `ena_support` is set to false then it previously didn't do anything
whereas now it will explicitly disable ENA support.

Fixes #6852
2018-10-17 14:58:07 +01:00
Megan Marsh d4767845f0 fix tests 2018-10-16 15:01:13 -07:00
Megan Marsh 7c3f0aa3b2 make sure region validation catches authentication errors 2018-10-16 14:17:30 -07:00
Mikhail Ushanov ee133482b4 aws: add validation for device_name parameter
cause it's required in block-device-mapping.

Signed-off-by: Mikhail Ushanov <gm.mephisto@gmail.com>
2018-10-16 21:37:48 +03:00
Megan Marsh 02bfac118f default wait time for amazon import to one hour. 2018-10-09 13:08:42 -07:00
Megan Marsh f494d87dc5
Merge pull request #6747 from hashicorp/fix_6743
abort if image import fails
2018-10-09 12:56:28 -07:00
Adrien Delorme f44dfcc62f
Merge pull request #6727 from hashicorp/fix_6723
reset poll delay seconds default to 2 because it can actuall be used …
2018-10-03 11:15:42 +02:00