This commit adds a new type of builder which builds an AMI based on a
snapshot of an EBS volume which is provisioned on a "surrogate"
instance. This can be used to build operating system images from
scratch, but unlike the `chroot` builder does not require running from
an AWS EC2 instance.
If `security_group_id` was specified with a group that didn't exist, packer
would go into an infinite loop waiting for it. We shouldn't make assumptions
about the status of explicitely set security groups, so let's just error out
right away if we can't find it.
When an ebs volume fails to delete, Packer reports that there
was an error deleting the volume and the volume id. But it doesn't
give you the details of what that error is. This commit adds the
error reported back to the standard output.
As noted in #4277, we don't report any errors from the loop waiting for
a security group to exist. Instead, we should accept 'errors' which result
from the group not yet existing, and report errors which are actual issues
the user needs to resolve (eg, IAM permissions are incorrect).
Closes#4277
Added the 'kms_key_id' parameter. This supports supplying a customer master key (CMK) when encrypting the EBS volume.
The parameter is optional and only takes effect when 'encrypted' is true. When 'encrypted' is true but 'kms_key_id' is missing the 'aws/ebs' key will be used.
This PR adds the ability for Packer to clean up snapshots in addition to
deregistering AMIs at build time.
To test this, I used the following `test.json` file:
```json
{
"builders": [
{
"type": "amazon-ebs",
"region": "us-east-1",
"source_ami": "ami-fce3c696",
"ami_name": "packer-test",
"instance_type": "m3.medium",
"ssh_username": "ubuntu",
"vpc_id": "some-vpc-id",
"subnet_id": "some-subnet-routed-through-igw",
"security_group_id": "some-security-group-with-port-22-access",
"force_delete_snapshot": true
}
],
"provisioners": [
{
"type": "shell-local",
"command": "echo 'hello'"
}
]
}
```
I appreciate any constructive feedbakc that can be given. Cheers!
While implementing my acceptance test, I stumbled upon a comment stating
that snapshot deletion should also be implemented, so I snuck that in. I
can't help but wonder if there is some generic logic that is implemented
a few times throughout the packer code base that could maybe better serve
us if it were abstracted to the common package.