Commit Graph

57 Commits

Author SHA1 Message Date
Matthew Hooker b16f2ec64b
builder/amazon: Use sdk default cred providers
I think we were overcomplicating things. The SDK provides the correct
credential chain by default, so let's use that. This patch does a quick
check for static credentials and uses those if found, then defaults to
the default credential provider chain.

This patch also removes the metadata timeout argument. Current versions
of the SDK have short timeouts by default, so I don't believe this is
needed.
2018-03-15 16:49:47 -07:00
Matthew Hooker e483087574
builder/amazon: Use service default retries.
Each service has its own preconfigured number of times to retry.
Lets use that instead of setting a global number.
2018-03-14 22:26:35 -07:00
Matthew Hooker 2806523834
Fix issue with assume role credentials 2018-02-15 14:54:01 -08:00
Matthew Hooker 5b64f71702
Merge pull request #5764 from hashicorp/fix5760
"borrow" access config code from terraform.
2018-02-08 14:55:43 -08:00
Matthew Hooker 21812fa17f
Add volume and run tags if in us-gov/china
We can't tag on instance creation when we're in "restricted" regions,
so let's add the tags after the resources have been created.

Adds methods to AccessConfig to detect if we're in China or US Gov
regions (i.e. "restricted").

Also turns tag:tag maps into a type, and moves methods around validating
and converting them to ec2Tags to methods of the type.
2018-02-05 16:39:20 -08:00
Matthew Hooker c5bcb97d06
"borrow" access config code from terraform.
This gives us a few benefits:

* timeout early if metadata service can't be reached
* report which auth provider we're using
* give much better errors if something goes wrong
2018-01-04 15:04:07 -08:00
Matthew Hooker 98c2a2d1f7
builder/aws: catch static credential errors early.
If we're using static credentials, either both the access key and secret key must be set, or neither of them should be.
2018-01-04 11:50:27 -08:00
Matthew Hooker 7b5c0900ef
Correctly set aws region if given in template along with a profile. 2017-12-07 11:12:57 -08:00
Matthew Hooker 0a24f4eb2e
don't shadow package name 2017-11-07 16:05:43 -08:00
Matthew Hooker 545ee45567
debug region we found 2017-11-07 14:51:20 -08:00
Matthew Hooker c106e7c26c
Don't set region from metadata if profile is set. 2017-11-07 14:33:26 -08:00
Matthew Hooker 52fc0100eb
this is a critical error 2017-11-07 12:52:03 -08:00
Matthew Hooker d322fc6c19
Shorten metadata timeout
When running in travis, metadata requests will timeout after 5 seconds.
After 24 such timeouts, we'll hit travis' build timeout of two minutes,
and the build will fail. Lowering it to 100 gets us in a safe time
limit. We _may_ need to expose a timeout env var with this logic,
however.
2017-10-30 15:22:15 -07:00
Matthew Hooker 314fc94bd8
clean up 2017-10-30 15:02:39 -07:00
Matthew Hooker 0e4ea7420b
fix tests 2017-10-30 14:34:16 -07:00
Matthew Hooker c65fa8490d
fix various bugs deregistering AMIs
always deregister ami in session region
validate that session region does not appear in ami_regions
2017-10-30 14:17:19 -07:00
Matthew Hooker febc65aa7c
try again to get region from metadata 2017-06-14 16:30:18 -07:00
Matthew Hooker 350e8bfe0d
we don't need to look for region in metadata.
Closes #4615'
2017-06-13 17:35:48 -07:00
Matthew Hooker a619759bf7
add support for profile 2017-06-09 11:24:30 -07:00
Matthew Hooker 3fb4162660
remove code from bad merge 2017-06-09 11:07:29 -07:00
Matthew Hooker 624aaa2067
bugfix 2017-06-09 11:01:27 -07:00
Matthew Hooker f637878822
with wrapping 2017-06-09 10:46:01 -07:00
Matthew Hooker 23084fe171
dedupe 2017-06-09 10:41:58 -07:00
Rickard von Essen 15f80dc5ab
aws: Drop undocumented option `profile`
This was added in 883acb18fa to support
assume role and shared configuration file. This was never completed.
2017-06-09 10:37:54 -07:00
Matthew Hooker 56c513088b
I think this was the intention 2017-06-09 10:34:49 -07:00
Matthew Hooker 94854a26d9
fix go vet issue 2017-06-09 10:30:07 -07:00
Rickard von Essen f106e60a7e
builder/amazon: Added MFA support 2017-06-09 10:28:31 -07:00
Rickard von Essen f55c3b9d34
builder/amazon: Support assume role with assume_role_arn
This supports assuming a role when using profile or static credentials.
2017-06-09 10:27:56 -07:00
Rickard von Essen 3833d34829
builder/amazon: Cleaned up credential handeling
This properly handles:
- Preference between types of credential
- Assume role via ECS Task Role
2017-06-09 10:26:22 -07:00
Rémi Jouannet 45143bb6f4 add an option custom_endpoint_ec2 for amazon builder, add a condition if vpc_id is empty don't add the parameter to the aws call 2017-05-17 18:45:20 +02:00
Matthew Hooker 81522dced0
move packer to hashicorp 2017-04-04 13:39:01 -07:00
Matthew Hooker 35578d9ed1
remove unnecessary type conversions 2017-03-28 20:36:21 -07:00
Matthew Hooker 79287d7e47
simplify some code 2017-03-28 20:36:20 -07:00
Matthew Hooker 9a91ae4e8f
fix new session error when creating cred chain.
the old and deprecated method won't error and so is safe to use
even if we're not in amazon.
2016-11-14 11:39:22 -08:00
Matthew Hooker 48bdae93d1 aws-sdk: use session.NewSession 2016-11-01 15:53:04 -07:00
owjjh 658fadbc53 changing if conditionals to be ! instead of == false 2016-06-07 09:21:43 -04:00
owjjh d489ce9904 make fmt run 2016-06-06 14:37:09 -04:00
owjjh de5b69a8df Adding ability to skip region validation when using AWS 2016-06-06 14:17:12 -04:00
Chris Bednarski d0ab8658bc Create a session for EC2RoleProvider; prevents crash; fixes #3123 2016-02-19 17:10:05 -08:00
Christopher Gerber f1ae2a2b5a Moved assume credentials to CLIConfig. Added new functions and methods to CLIConfig. Ran gofmt. 2016-02-03 15:53:01 -06:00
Christopher Gerber 7975c5e336 Move CLIConfig instantiation inside of ProfileName check. 2016-02-02 08:36:36 -06:00
Christopher Gerber 883acb18fa IAM Role Switching
Adds initial IAM Role Switching support and support for AWS CLI Credential and Config files.

See: https://github.com/mitchellh/packer/issues/3109
2016-02-01 18:55:59 -06:00
Chris Bednarski 4cc443da8e Update use of ec2rolecreds to match upstream 2015-08-10 13:59:56 -07:00
Chris Bednarski 28bf1877c2 Updated AWS SDK calls to match the 0.7.0 release of the AWS SDK 2015-07-28 17:10:21 -07:00
Seth Vargo 33ca8b7fb5 Migrate to new AWS repo 2015-06-03 17:13:52 -04:00
Mitchell Hashimoto b78b119a11 amazon/*: fix merge issues with lib switch 2015-05-28 08:31:22 -07:00
Mitchell Hashimoto 44b980e659 Merge branch 'aws-sdk-go' of https://github.com/jen20/packer into jen20-aws-sdk-go 2015-05-28 08:24:41 -07:00
Mitchell Hashimoto 50d7c598e9 amazon/ebs: use new interpolation stuff 2015-05-27 11:35:56 -07:00
James Nugent e99cd56b6c Migrate from mitchellh/goamz to awslabs/aws-sdk-go
This commit moves the Amazon builders of Packer away from the Hashicorp
fork of the goamz library to the official AWS SDK for Go, in order that
third party plugins may depend on the more complete official library
more easily.
2015-04-12 21:33:09 -04:00
Mitchell Hashimoto 4406c20af1 builder/amazon: prefer token in config [GH-1544] 2014-10-27 17:29:40 -07:00