Currently all Packer build resources (VPC, vSwitch, VM instance, etc.) are created within the default resource group, even though the CSP APIs involved support specifying a resource group ID. There are orgs that implement resource-group-level resource isolation as opposed to using dedicated cloud accounts. In such orgs it may be challenging to host the image-building workflow in a dedicated cloud account.
Providing an option to specify a resource group for Packer build resources (VPC, vSwitch, VM instance, etc.) assures better resource isolation for orgs that employ the resource group isolation concept. The blast radius of a Packer account key compromise is greatly reduced.
Use Case(s)
Provide an option to host Packer build resources in a user-provided resource group rather than the default resource group for better isolation.
Potential configuration
Provide an additional config option or extend the existing resource_group_id option to inform CSP APIs to pass the resource group ID for relevant resource creation/deletion operations.