phils
700e747cb9
Fix IAM permissions for spot based on changes in 7682
2019-07-01 00:51:34 +10:00
Adrien Delorme
4f46bd74ab
Merge pull request #7313 from kristi/patch-1
...
add DescribeInstanceStatus to minimum permissions
2019-02-18 18:19:56 +01:00
Kristi
7e7e486901
add DescribeInstanceStatus to minimum permissions
...
Packer needs DescribeInstanceStatus or else it ends up waiting forever for the instance to become ready.
2019-02-14 11:53:53 -08:00
Megan Marsh
af7131b169
tests, logic cleanup, docs for vagrant builder
2019-02-04 14:08:43 -08:00
Megan Marsh
ad21367b21
vagrant builder
2019-02-04 14:08:43 -08:00
Matthew Hooker
88d27f37a7
make fmt-docs
2018-10-26 17:02:51 -07:00
Kevin Hicks
03f8680c3c
Remove json specifier from doc code block
2018-10-18 16:53:57 -05:00
Megan Marsh
14166fdd99
update amazon import docs to include the env vars for setting aws waiter delays and timeouts
2018-07-11 10:36:21 -07:00
Fotios Lindiakos
896ceee902
Update list of required IAM permissions
...
The `ec2:DescribeSpotPriceHistory` is required when the `spot_price` parameter is set to `auto`.
2018-06-22 18:55:50 -04:00
EximChua
286a5aa8c7
Update info on format of the credentials file
...
Update info on format of the credentials file.
2018-06-13 15:34:06 +08:00
stack72
1bc471073f
docs/aws: Update documentation for AWS Spot Instances
...
The docs didn't specify that `ec2:DescribeSpotInstanceRequests` was
required. This causes an error as follows:
```
Error waiting for spot request (sir-yg6866gj) to become ready:
UnauthorizedOperation: You are not authorized to perform this operation.
```
This is because the permission to describe instance state is not available
2018-06-08 03:04:22 +03:00
alexgottschalkmedal
38e419dd8c
Update amazon.html.md
...
Fix typo - CreateKeypair should be CreateKeyPair
2018-04-19 13:07:20 -07:00
Matthew Hooker
b16f2ec64b
builder/amazon: Use sdk default cred providers
...
I think we were overcomplicating things. The SDK provides the correct
credential chain by default, so let's use that. This patch does a quick
check for static credentials and uses those if found, then defaults to
the default credential provider chain.
This patch also removes the metadata timeout argument. Current versions
of the SDK have short timeouts by default, so I don't believe this is
needed.
2018-03-15 16:49:47 -07:00
Megan Marsh
d07a2dda7d
fix grammar in docs
2018-02-15 14:28:22 -08:00
SwampDragons
23567aad6f
Merge pull request #5197 from BWITS/feature/policy_for_spot_instance
...
Add policies to use spot instance to create the AMI
2018-02-15 14:27:04 -08:00
Matthew Hooker
5b64f71702
Merge pull request #5764 from hashicorp/fix5760
...
"borrow" access config code from terraform.
2018-02-08 14:55:43 -08:00
Matthew Hooker
a9b48309c9
update amazon authentication docs
...
Correct docs to reflect new behavior. This is largely borrowed from
terraform.
2018-02-08 14:48:04 -08:00
Matthew Hooker
f5ea1e8312
Use WaitUntilInstanceReady waiter
2018-01-10 15:57:31 -08:00
Matthew Hooker
cba1a0598f
document additional aws permission
2017-12-12 21:13:09 -08:00
Bill Wang
28a986691d
Add policies to use spot instance to create the AMI
2017-08-01 21:24:43 +10:00
Matthew Hooker
bcc0d24bf4
run docs through pandoc
2017-06-14 18:13:46 -07:00
Matthew Hooker
176715b7f0
document profile option.
2017-06-14 16:45:18 -07:00
Matthew Hooker
160d31a568
update documentation on automatic lookup of credentials.
...
Reverts work in #4612
2017-06-13 16:24:50 -07:00
Rickard von Essen
5bc8edc3b2
Updated AWS docs for using default chain
2017-06-09 10:35:48 -07:00
Rickard von Essen
f4f0560101
Updated docs about AWS credentials handeling
2017-06-09 10:29:47 -07:00
Matthew Hooker
d30605fdfb
use json markdown syntax
2017-04-18 11:35:42 -07:00
Seth Vargo
6b80c21043
Revamp pages and docs to fit HashiCorp brand
2017-03-28 16:05:19 -04:00
Kerim Satirli
37feec41d9
fixes broken link to EBS surrogate page
2017-03-06 09:44:07 +01:00
Matthew Hooker
131e1e3857
clarify that it's profile name
2017-02-28 23:23:36 -08:00
Matthew Hooker
6b95de73c4
document how aws-sdk uses the shared credentials file
...
from https://docs.aws.amazon.com/sdk-for-go/api/aws/credentials/\#SharedCredentialsProvider
2017-02-28 23:09:52 -08:00
James Nugent
635aeb765b
amazon/ebssurrogate: Add New Builder
...
This commit adds a new type of builder which builds an AMI based on a
snapshot of an EBS volume which is provisioned on a "surrogate"
instance. This can be used to build operating system images from
scratch, but unlike the `chroot` builder does not require running from
an AWS EC2 instance.
2017-02-21 18:38:19 -06:00
Matthew Hooker
b04a878ea8
small spelling fix
2017-02-21 11:13:06 -08:00
Rickard von Essen
d1b9a91e3d
Change all builder docs to the expected file names
2017-01-14 13:03:39 +01:00
Rickard von Essen
4ce3b8712a
Replace unencrypted EBS snapshots with encrypted
...
To ensure that groups and users attributes are added to the encrypted
snapshots.
2016-12-06 03:31:09 +01:00
Ari Aviran
46f217f255
amazon - Snapshot permissions correctly applied
...
Fixes #3344
2016-12-04 16:03:01 +01:00
Rickard von Essen
d8ef6d1977
Fixed formatting of source_ami_filter example
2016-11-30 12:32:46 +01:00
Matthew Hooker
7443e21992
fix broken link in docs
2016-11-16 12:39:23 -08:00
Matthew Hooker
1cf9dbf27d
fix json
2016-11-09 11:20:06 -08:00
Matthew Hooker
3d69af1247
sort/uniq IAM policies
2016-11-03 11:49:50 -07:00
Matthew Hooker
ac8e70ade0
Revert "Remove duplicate permission"
...
This reverts commit 78067ff949
.
2016-11-03 11:48:55 -07:00
Matthew Hooker
8eab0ee5b2
Merge pull request #4109 from mitchellh/b-docs
...
builder/amazon: Fix doc of EBS Volume builder name
2016-11-03 10:29:57 -07:00
James Nugent
33c423529d
builder/amazon: Fix doc of EBS Volume builder name
...
Various things still referred to `ebsinit` or `ebs-volume` - the
imported name was `amazon-ebsvolume`.
2016-11-03 11:59:02 -04:00
Amo Chumber
78067ff949
Remove duplicate permission
...
In the suggested policy `ec2:CopyImage` was listed twice.
I've also sorted alphabetically to make it easier for somebody who might be recreating the policy in the AWS gui to follow along more easily.
2016-11-03 14:41:12 +00:00
James Nugent
b1ff8c3bfc
builder/amazon: Add `ebs-volume` builder
...
This commit adds a builder that works like EBS builders, except does not
create an AMI, and instead is intended to create EBS volumes in an
initialized state. For example, the following template can be used to
create and export a set of 3 EBS Volumes in a ZFS zpool named `data` for
importing by instances running production systems:
```
{
"variables": {
"aws_access_key_id": "{{ env `AWS_ACCESS_KEY_ID` }}",
"aws_secret_access_key": "{{ env `AWS_SECRET_ACCESS_KEY` }}",
"region": "{{ env `AWS_REGION` }}",
"source_ami": "{{ env `PACKER_SOURCE_AMI` }}",
"vpc_id": "{{ env `PACKER_VPC_ID` }}",
"subnet_id": "{{ env `PACKER_SUBNET_ID` }}"
},
"builders": [{
"type": "amazon-ebs-volume",
"access_key": "{{ user `aws_access_key_id` }}",
"secret_key": "{{ user `aws_secret_access_key` }}",
"region": "{{user `region`}}",
"spot_price_auto_product": "Linux/UNIX (Amazon VPC)",
"ssh_pty": true,
"instance_type": "t2.medium",
"vpc_id": "{{user `vpc_id` }}",
"subnet_id": "{{user `subnet_id` }}",
"associate_public_ip_address": true,
"source_ami": "{{user `source_ami` }}",
"ssh_username": "ubuntu",
"ssh_timeout": "5m",
"ebs_volumes": [
{
"device_name": "/dev/xvdf",
"delete_on_termination": false,
"volume_size": 10,
"volume_type": "gp2",
"tags": {
"Name": "TeamCity-Data1",
"zpool": "data",
"Component": "TeamCity"
}
},
{
"device_name": "/dev/xvdg",
"delete_on_termination": false,
"volume_size": 10,
"volume_type": "gp2",
"tags": {
"Name": "TeamCity-Data2",
"zpool": "data",
"Component": "TeamCity"
}
},
{
"device_name": "/dev/xvdh",
"delete_on_termination": false,
"volume_size": 10,
"volume_type": "gp2",
"tags": {
"Name": "TeamCity-Data3",
"zpool": "data",
"Component": "TeamCity"
}
}
]
}],
"provisioners": [
{
"type": "shell",
"start_retry_timeout": "10m",
"inline": [
"DEBIAN_FRONTEND=noninteractive sudo apt-get update",
"DEBIAN_FRONTEND=noninteractive sudo apt-get install -y zfs",
"lsblk",
"sudo parted /dev/xvdf --script mklabel GPT",
"sudo parted /dev/xvdg --script mklabel GPT",
"sudo parted /dev/xvdh --script mklabel GPT",
"sudo zpool create -m none data raidz xvdf xvdg xvdh",
"sudo zpool status",
"sudo zpool export data",
"sudo zpool status"
]
}
]
}
```
StepModifyInstance and StepStopInstance are now shared between EBS and
EBS-Volume builders - move them into the AWS common directory and rename
them to indicate that they only apply to EBS-backed builders.
2016-11-02 12:56:39 -04:00
Jinesh Choksi
0f4d2341cb
Packer v0.11.0 requires "ec2:DescribeSecurityGroups" permissions to work
...
Without the "ec2:DescribeSecurityGroups" permission, you would get the following error:
2016/10/25 16:03:28 ui: ==> aws: Creating temporary security group for this instance...
2016/10/25 16:03:28 packer.exe: 2016/10/25 16:03:28 Temporary group name: packer 580f7440-2135-068c-99b7-35595a7522d1
2016/10/25 16:03:28 ui: ==> aws: Authorizing access to port 22 the temporary security group...
2016/10/25 16:03:28 packer.exe: 2016/10/25 16:03:28 [DEBUG] Describing tempSecurityGroup to ensure it is available: sg-38e0355e
2016/10/25 16:03:29 packer.exe: 2016/10/25 16:03:29 [DEBUG] Error in querying security group UnauthorizedOperation: You are not authorized to perform this operation.
2016/10/25 16:03:29 packer.exe: status code: 403, request id: bc664eff-cc01-42c1-8408-23493c11d92d
2016-10-25 16:27:20 +01:00
Matthew Hooker
24c4ba3bb5
add the error you might see
2016-10-03 17:40:52 -07:00
Matthew Hooker
7a1b84cec1
add some debugging info for if your clock is skewed
2016-10-02 17:32:57 -07:00
Huy Nguyen
5e1aa22dc7
IAM permission needed to deregister failed images ( #3796 )
2016-08-23 23:55:01 +02:00
www.elconas.de
e6c590ace4
Fix IAM Policy to avoid 'Error enabling Enhanced Networking on xxxxxxx: UnauthorizedOperation: You are not authorized to perform this operation' ( #3696 )
2016-08-23 23:54:42 +02:00
mieciu
23296988b8
Update example AWS policy document
2016-08-22 17:06:20 +02:00