I'm currently building AMIs via Packer without a problem, but I am baking the AWS credentials into my scripts, which is not what I want. The Packer documentation says that if no credentials are found, it can use an AWS role.
I have created the policy and the role, but it's unclear to me how to tell Packer to use this role. Do I have to pass the ARN in as a variable?
Any thoughts?
Execute the AWS CodeBuild Project
From the AWS Management Console, navigate to the AWS CodeBuild console. In the list of build projects, choose the project you created, and then choose Start build. In Start new build, choose which branch and revision of your AWS CodeCommit repository should be used to build your AMI.
If you'd like to set the IAM role that Packer uses during AMI creation from the command-line (e.g. from Jenkins), then you can use variables for doing so, e.g. using the following in your Packer script:
    "variables": {
        "packer_profile": "packer",
        ...
    },
    "builders": [
        {
            "type": "amazon-ebs",
            ...
            "iam_instance_profile": "{{user `packer_profile`}}",
            ...
        }
    ],
    "provisioners": [
        ...
    ]
So we provide a default "packer" value for our packer_profile variable. Then, when invoking Packer from the command-line in Jenkins, you override that default variable value using:
    $ /path/to/packer build -var packer_profile="MyNewProfileHere" ...
Hope this helps!
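A pre-build check for the problem raised in the question, as an added example that is not part of the original posts: it scans a Packer JSON template for static credentials (`access_key`, `secret_key`, `token`) in `amazon-*` builders, so a CI job such as Jenkins can stop before they are baked in. The function name and both sample templates are constructed for illustration.

```python
import json
import re

# Real amazon-ebs builder options that carry static AWS credentials.
STATIC_KEYS = ("access_key", "secret_key", "token")
USER_VAR = re.compile(r"\{\{\s*user\s+`([^`]+)`\s*\}\}")

def find_baked_credentials(template):
    """Return (builder index, key, reason) for static credentials in amazon-* builders."""
    variables = template.get("variables", {})
    findings = []
    for i, builder in enumerate(template.get("builders", [])):
        if not str(builder.get("type", "")).startswith("amazon-"):
            continue
        for key in STATIC_KEYS:
            value = str(builder.get(key) or "").strip()
            if not value:
                continue  # absent or empty: nothing is stored in the template
            match = USER_VAR.fullmatch(value)
            if match is None and "{{" not in value:
                findings.append((i, key, "literal value in template"))
            elif match and variables.get(match.group(1)):
                # A user variable is only safe when its default is empty.
                findings.append((i, key, "default set for variable " + match.group(1)))
    return findings

# Constructed templates (placeholder values, not from the original post).
BAKED = json.loads(r"""
{
  "variables": {"aws_secret": "PLACEHOLDER-SECRET", "packer_profile": "packer"},
  "builders": [{
    "type": "amazon-ebs",
    "access_key": "PLACEHOLDER-ACCESS-KEY",
    "secret_key": "{{user `aws_secret`}}",
    "iam_instance_profile": "{{user `packer_profile`}}"
  }]
}
""")
CLEAN = json.loads(r"""
{
  "variables": {"packer_profile": "packer"},
  "builders": [{"type": "amazon-ebs",
                "iam_instance_profile": "{{user `packer_profile`}}"}]
}
""")

if __name__ == "__main__":
    for name, tpl in (("baked", BAKED), ("clean", CLEAN)):
        print(name, find_baked_credentials(tpl))
```

Values supplied through `{{env ...}}` or through a user variable with an empty default are not flagged, because nothing secret is stored in the template itself.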