Matthew Hooker
b16f2ec64b
builder/amazon: Use sdk default cred providers
...
I think we were overcomplicating things. The SDK provides the correct
credential chain by default, so let's use that. This patch does a quick
check for static credentials and uses those if found, then defaults to
the default credential provider chain.
This patch also removes the metadata timeout argument. Current versions
of the SDK have short timeouts by default, so I don't believe this is
needed.
2018-03-15 16:49:47 -07:00
Matthew Hooker
e483087574
builder/amazon: Use service default retries.
...
Each service has its own preconfigured number of times to retry.
Lets use that instead of setting a global number.
2018-03-14 22:26:35 -07:00
Matthew Hooker
2806523834
Fix issue with assume role credentials
2018-02-15 14:54:01 -08:00
Matthew Hooker
5b64f71702
Merge pull request #5764 from hashicorp/fix5760
...
"borrow" access config code from terraform.
2018-02-08 14:55:43 -08:00
Matthew Hooker
21812fa17f
Add volume and run tags if in us-gov/china
...
We can't tag on instance creation when we're in "restricted" regions,
so let's add the tags after the resources have been created.
Adds methods to AccessConfig to detect if we're in China or US Gov
regions (i.e. "restricted").
Also turns tag:tag maps into a type, and moves methods around validating
and converting them to ec2Tags to methods of the type.
2018-02-05 16:39:20 -08:00
Matthew Hooker
c5bcb97d06
"borrow" access config code from terraform.
...
This gives us a few benefits:
* timeout early if metadata service can't be reached
* report which auth provider we're using
* give much better errors if something goes wrong
2018-01-04 15:04:07 -08:00
Matthew Hooker
98c2a2d1f7
builder/aws: catch static credential errors early.
...
If we're using static credentials, either both the access key and secret key must be set, or neither of them should be.
2018-01-04 11:50:27 -08:00
Matthew Hooker
7b5c0900ef
Correctly set aws region if given in template along with a profile.
2017-12-07 11:12:57 -08:00
Matthew Hooker
0a24f4eb2e
don't shadow package name
2017-11-07 16:05:43 -08:00
Matthew Hooker
545ee45567
debug region we found
2017-11-07 14:51:20 -08:00
Matthew Hooker
c106e7c26c
Don't set region from metadata if profile is set.
2017-11-07 14:33:26 -08:00
Matthew Hooker
52fc0100eb
this is a critical error
2017-11-07 12:52:03 -08:00
Matthew Hooker
d322fc6c19
Shorten metadata timeout
...
When running in travis, metadata requests will timeout after 5 seconds.
After 24 such timeouts, we'll hit travis' build timeout of two minutes,
and the build will fail. Lowering it to 100 gets us in a safe time
limit. We _may_ need to expose a timeout env var with this logic,
however.
2017-10-30 15:22:15 -07:00
Matthew Hooker
314fc94bd8
clean up
2017-10-30 15:02:39 -07:00
Matthew Hooker
0e4ea7420b
fix tests
2017-10-30 14:34:16 -07:00
Matthew Hooker
c65fa8490d
fix various bugs deregistering AMIs
...
always deregister ami in session region
validate that session region does not appear in ami_regions
2017-10-30 14:17:19 -07:00
Matthew Hooker
febc65aa7c
try again to get region from metadata
2017-06-14 16:30:18 -07:00
Matthew Hooker
350e8bfe0d
we don't need to look for region in metadata.
...
Closes #4615'
2017-06-13 17:35:48 -07:00
Matthew Hooker
a619759bf7
add support for profile
2017-06-09 11:24:30 -07:00
Matthew Hooker
3fb4162660
remove code from bad merge
2017-06-09 11:07:29 -07:00
Matthew Hooker
624aaa2067
bugfix
2017-06-09 11:01:27 -07:00
Matthew Hooker
f637878822
with wrapping
2017-06-09 10:46:01 -07:00
Matthew Hooker
23084fe171
dedupe
2017-06-09 10:41:58 -07:00
Rickard von Essen
15f80dc5ab
aws: Drop undocumented option `profile`
...
This was added in 883acb18fa
to support
assume role and shared configuration file. This was never completed.
2017-06-09 10:37:54 -07:00
Matthew Hooker
56c513088b
I think this was the intention
2017-06-09 10:34:49 -07:00
Matthew Hooker
94854a26d9
fix go vet issue
2017-06-09 10:30:07 -07:00
Rickard von Essen
f106e60a7e
builder/amazon: Added MFA support
2017-06-09 10:28:31 -07:00
Rickard von Essen
f55c3b9d34
builder/amazon: Support assume role with assume_role_arn
...
This supports assuming a role when using profile or static credentials.
2017-06-09 10:27:56 -07:00
Rickard von Essen
3833d34829
builder/amazon: Cleaned up credential handeling
...
This properly handles:
- Preference between types of credential
- Assume role via ECS Task Role
2017-06-09 10:26:22 -07:00
Rémi Jouannet
45143bb6f4
add an option custom_endpoint_ec2 for amazon builder, add a condition if vpc_id is empty don't add the parameter to the aws call
2017-05-17 18:45:20 +02:00
Matthew Hooker
81522dced0
move packer to hashicorp
2017-04-04 13:39:01 -07:00
Matthew Hooker
35578d9ed1
remove unnecessary type conversions
2017-03-28 20:36:21 -07:00
Matthew Hooker
79287d7e47
simplify some code
2017-03-28 20:36:20 -07:00
Matthew Hooker
9a91ae4e8f
fix new session error when creating cred chain.
...
the old and deprecated method won't error and so is safe to use
even if we're not in amazon.
2016-11-14 11:39:22 -08:00
Matthew Hooker
48bdae93d1
aws-sdk: use session.NewSession
2016-11-01 15:53:04 -07:00
owjjh
658fadbc53
changing if conditionals to be ! instead of == false
2016-06-07 09:21:43 -04:00
owjjh
d489ce9904
make fmt run
2016-06-06 14:37:09 -04:00
owjjh
de5b69a8df
Adding ability to skip region validation when using AWS
2016-06-06 14:17:12 -04:00
Chris Bednarski
d0ab8658bc
Create a session for EC2RoleProvider; prevents crash; fixes #3123
2016-02-19 17:10:05 -08:00
Christopher Gerber
f1ae2a2b5a
Moved assume credentials to CLIConfig. Added new functions and methods to CLIConfig. Ran gofmt.
2016-02-03 15:53:01 -06:00
Christopher Gerber
7975c5e336
Move CLIConfig instantiation inside of ProfileName check.
2016-02-02 08:36:36 -06:00
Christopher Gerber
883acb18fa
IAM Role Switching
...
Adds initial IAM Role Switching support and support for AWS CLI Credential and Config files.
See: https://github.com/mitchellh/packer/issues/3109
2016-02-01 18:55:59 -06:00
Chris Bednarski
4cc443da8e
Update use of ec2rolecreds to match upstream
2015-08-10 13:59:56 -07:00
Chris Bednarski
28bf1877c2
Updated AWS SDK calls to match the 0.7.0 release of the AWS SDK
2015-07-28 17:10:21 -07:00
Seth Vargo
33ca8b7fb5
Migrate to new AWS repo
2015-06-03 17:13:52 -04:00
Mitchell Hashimoto
b78b119a11
amazon/*: fix merge issues with lib switch
2015-05-28 08:31:22 -07:00
Mitchell Hashimoto
44b980e659
Merge branch 'aws-sdk-go' of https://github.com/jen20/packer into jen20-aws-sdk-go
2015-05-28 08:24:41 -07:00
Mitchell Hashimoto
50d7c598e9
amazon/ebs: use new interpolation stuff
2015-05-27 11:35:56 -07:00
James Nugent
e99cd56b6c
Migrate from mitchellh/goamz to awslabs/aws-sdk-go
...
This commit moves the Amazon builders of Packer away from the Hashicorp
fork of the goamz library to the official AWS SDK for Go, in order that
third party plugins may depend on the more complete official library
more easily.
2015-04-12 21:33:09 -04:00
Mitchell Hashimoto
4406c20af1
builder/amazon: prefer token in config [GH-1544]
2014-10-27 17:29:40 -07:00