As pointed out in the initial code review of #4351, some of the steps
from the standard EBS builder were (intetionally) omitted. It turns out
that these actually are useful, and the original rationale for the
omission was wrong. Consequently, this commit adds in the following
steps:
- `StepPrevalidate`
- `StepTagEBSVolumes`
- `StepDeregisterAMI`
- `StepCreateEncryptedAMICopy`
- `StepAMIRegionCopy`
- `StepModifyAMIAttribute`
- `StepCreateTags`
We also fix the interpolation filter and documentation to reflect these
additions, though the majority were already documented and just not
functional.
This commit removes the root volume from the list of launch block device
mappings passed to the image, since it is already passed in the form of
a snapshot (which is then configured to be the root device). Without
this commit, AMIs created using this builder have two root volumes
attached on launch.
Set SriovNetSupport to "simple". As of February 2017, this applies to C3, C4,
D2, I2, R3, and M4 (excluding m4.16xlarge).
Set EnaSupport to true. As of February 2017, this applies to C5, I3, P2, R4,
X1, and m4.16xlarge.
This commit adds a new type of builder which builds an AMI based on a
snapshot of an EBS volume which is provisioned on a "surrogate"
instance. This can be used to build operating system images from
scratch, but unlike the `chroot` builder does not require running from
an AWS EC2 instance.
If `security_group_id` was specified with a group that didn't exist, packer
would go into an infinite loop waiting for it. We shouldn't make assumptions
about the status of explicitely set security groups, so let's just error out
right away if we can't find it.
When an ebs volume fails to delete, Packer reports that there
was an error deleting the volume and the volume id. But it doesn't
give you the details of what that error is. This commit adds the
error reported back to the standard output.
As noted in #4277, we don't report any errors from the loop waiting for
a security group to exist. Instead, we should accept 'errors' which result
from the group not yet existing, and report errors which are actual issues
the user needs to resolve (eg, IAM permissions are incorrect).
Closes#4277
Added the 'kms_key_id' parameter. This supports supplying a customer master key (CMK) when encrypting the EBS volume.
The parameter is optional and only takes effect when 'encrypted' is true. When 'encrypted' is true but 'kms_key_id' is missing the 'aws/ebs' key will be used.