[Enhancement]: Support for Image Builder workflows

[igordust]

Description

AWS introduced the capability of creating and choosing the workflows for the image creation, here the announcement: https://aws.amazon.com/about-aws/whats-new/2023/12/ec2-image-builder-image-workflows/

This has some impact on existing resources and it requires the definition of a new one.

These the changes that I suppose should be done to support this feature:

• new resource "aws_image_builder_workflow" that implement the workflow resource
• new datasource "aws_image_builder_workflow" that can fetch arns of already existing workflows, Amazon managed and customer managed
• alter resource aws_image_builder_pipeline: the user should have the ability to attach workflowconfigurations to the pipeline.

Affected Resource(s) and/or Data Source(s)

No response

Potential Terraform Configuration

resource "aws_image_builder_workflow" "my" {
  name = "my_workflow"
  semantic_version = "1.0.0"
  description = "My Workflow"
  change-description = "This is the first release"
  data = file("myworkflow.yaml")
  # uri = "https://repooffworkflows/flow.yml" # alternative to data
  kms_key_id = aws.kms_key.my_key.id
}

resource "aws_imagebuilder_image_pipeline" "my" {
  image_recipe_arn                 = aws_imagebuilder_image_recipe.example.arn
  infrastructure_configuration_arn = aws_imagebuilder_infrastructure_configuration.example.arn
  name                             = "my_pypeline"

  # adding my custom workflow
  workflow {
    on_failure = "Abort"
    parallel_group = "test"
    parameters = []
    arn = aws_image_builder_workflow.my.arn
  }

  # adding an amazon managed workflow
  workflow {
    on_failure = "Abort"
    parallel_group = "test"
    parameters = []
    arn = "arn:aws:imagebuilder:eu-west-1:aws:workflow/test/test-image-with-wait-for-action/1.0.0/1"
  }
}

References

For resource aws_image_builder_workflow:

• Create workflow: https://docs.aws.amazon.com/sdk-for-go/api/service/imagebuilder/#Imagebuilder.CreateWorkflow
• Delete workflow: https://docs.aws.amazon.com/sdk-for-go/api/service/imagebuilder/#Imagebuilder.DeleteWorkflow

For datasource aws_image_builder_workflow:

• Get workflow: https://docs.aws.amazon.com/sdk-for-go/api/service/imagebuilder/#Imagebuilder.GetWorkflow

For resource aws_imagebuilder_pipeline:

• https://docs.aws.amazon.com/sdk-for-go/api/service/imagebuilder/#CreateImagePipelineInput - Workflows property in CreateImagePipelineInput object
• https://docs.aws.amazon.com/sdk-for-go/api/service/imagebuilder/#WorkflowConfiguration - WorkflowConfiguration definition

Would you like to implement a fix?

None

[github-actions[bot]]

Community Note

Voting for Prioritization

• Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
• Please see our prioritization guide for information on how we prioritize.
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.

[bitanmallick]

Would be also great if a skip_destroy feature can be added similar to image-builder-component

[dbrazil-revealdata]

Did this work get completed, as I noticed issue is open? https://aws.amazon.com/about-aws/whats-new/2023/12/ec2-image-builder-image-workflows/ states that this new functionality is now available, however my terraform states that "Error: Unsupported block type". Thanks

[igordust]

Did this work get completed, as I noticed issue is open? https://aws.amazon.com/about-aws/whats-new/2023/12/ec2-image-builder-image-workflows/ states that this new functionality is now available, however my terraform states that "Error: Unsupported block type". Thanks

The PR has been merged here: https://github.com/hashicorp/terraform-provider-aws/pull/35097#issuecomment-1889092392 and the resource should be available starting from version 5.32.0.

[dbrazil-revealdata]

Did this work get completed, as I noticed issue is open? https://aws.amazon.com/about-aws/whats-new/2023/12/ec2-image-builder-image-workflows/ states that this new functionality is now available, however my terraform states that "Error: Unsupported block type". Thanks

The PR has been merged here: #35097 (comment) and the resource should be available starting from version 5.32.0.

I had a look and can't see any mention of the change to the pipeline to allow custom workflows. I am trying to find out when this work is likely to get completed. Not 100% on how to read all the information. Also Terraform is at 5.43, so not sure why you mention 5.32.

[kamilturek]

@dbrazil-revealdata aws_imagebuilder_pipeline hasn't been yet updated to support custom workflows. I'll try looking into this soon.

[dbrazil-revealdata]

Thanks. It goes hand in hand with the workflows. I need to stop the default sysprep action. If I use custom workflows, it becomes a manual step.

[thatderek]

Howdy folks. #36953 adds much of the needed functionality to implement this. If you want to that PR a 👍 , it lays the background for this issue's resolution.

[wanaxe]

@thatderek Why is the change for aws_imagebuilder_image, not as expected for aws_imagebuilder_image_pipeline?

We do need it to add for the latter.

[thatderek]

@wanaxe I needed workflows for a project but only needed it for imagebuilder_image. However, much of what I drew up in flex.go could (and probably should) be used to add workflows to imagebuilder_image_pipeline. I am myself not to familiar with the pipelines aspect though so left the actual implementation of workflows in the latter to someone more familiar with it. The heavy lifting though I think is mostly done in flex.go.

[wanaxe]

@kamilturek Thank you for the PR.

All, please add a 👍to https://github.com/hashicorp/terraform-provider-aws/pull/37317, if you want it for image pipeline.