如何将AWS角色与Packer一起使用以创建AMI [英] How to use AWS roles with Packer to create AMIs
问题描述
我目前正在通过Packer毫无问题地构建AMI,但是我正在将AWS凭证烘焙到我的脚本中,这不是我想要的.阅读Packer文档后,他们指定如果找不到凭据,则可以使用AWS角色.
I'm currently building AMIs via Packer without a problem, but I am baking the AWS credentials into my scripts which is not what I want. Reading the Packer documentation they specify that if no credentials are found it can use an AWS role.
我已经创建了策略和角色,但是我不清楚如何告诉Packer使用该角色.我必须将ARN作为变量传递吗?
I have created the policy and the role, but it's unclear to me how to tell Packer to use this role. Do I have to pass the ARN in as a variable?
有什么想法吗?
推荐答案
如果您要设置Packer通过命令行在AMI创建过程中使用的IAM角色(Jenkins的 eg ) ,那么您可以在Packer脚本中使用以下变量来使用变量,例如 eg :
If you'd like to set the IAM role that Packer uses during AMI creation from the command-line (e.g. from Jenkins), then you can use variables for doing so, e.g. using the following in your Packer script:
"variables": {
"packer_profile": "packer",
...
},
"builders": [
{
"type": "amazon-ebs",
...
"iam_instance_profile": "{{user `packer_profile`}}",
...
}
],
"provisioners": [
...
]
因此,我们为packer_profile
变量提供了默认打包程序"值.然后,在Jenkins中从命令行调用Packer时,您可以使用以下方法覆盖该默认变量值:
So we provide a default "packer" value for our packer_profile
variable. Then, when invoking Packer from the command-line in Jenkins, you override that default variable value using:
$ /path/to/packer -var packer_profile="MyNewProfileHere" ...
希望这会有所帮助!
这篇关于如何将AWS角色与Packer一起使用以创建AMI的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!