Closed hc-github-team-packer closed 1 year ago
Glyphack
commented
1 year ago Hi @l3LUM
I think the current workaround would be to create the role yourself and pass the profile to packer instead of creating a temporary one, using this setting.
Seems like the role is created here, and probably we can pass tags here.
I see there's a run_tags config, that is currently assigning tags to other resources created but not the role.
This is very similar to this issue #286
CoudPelle
commented
1 year ago Thanks for your answer, Indeed it's the solution i've choosed as a workaround. I think it would be a great feature because It makes my CI/CD pipeline more complex as I only want to use this policy temporarily.
For now, I created a stack Terraform that creates a policy, role and instance profile. This stack is deployed before I run packer and destroyed after the build.
So I hope you will add the feature ! :)
This issue was originally opened by @l3LUM in https://github.com/hashicorp/packer/issues/12236 and has been migrated to this repository. The original issue description is below.
I want to use the temporary_iam_instance_profile_policy_document on the amazon-ebs builder to authorise instance managed by packer to get access to a bucket.
My compagny enforce all new IAM roles to have specific tags, but I couldn't find any argument to add a tag to the temporary role created. So Packer failed at start when creating temporary resources.
Is there a workaround to add tags to the temporary created role ?
Or could you make a feature that adds a "tags" field for the temporary_iam_instance_profile_policy_document option ?