Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Can not provide arn for organization #492

Open
hc-github-team-packer opened this issue Jul 5, 2024 · 3 comments
Open

Can not provide arn for organization #492

hc-github-team-packer opened this issue Jul 5, 2024 · 3 comments

Comments

@hc-github-team-packer
Copy link

This issue was originally opened by @EugenKon in hashicorp/packer#13099 and has been migrated to this repository. The original issue description is below.

Overview of the Issue

image

also this is not documented https://developer.hashicorp.com/packer/integrations/hashicorp/amazon/latest/components/builder/ebs how to fill this value correctly.

Reproduction Steps

source "amazon-ebs" "nomad_ami" {
  ami_name              = "xxx"
  instance_type         = "t2.medium"
  region                = var.aws_region
  source_ami            = data.amazon-ami.ubuntu_server_lts.id
  ssh_username          = "ubuntu"
  ami_regions           = ["ca-central-1", "us-east-1", "us-east-2", "us-west-1", "us-west-2"]
  ami_org_arns          = ["arn:aws:organizations::000000000:ou/path/to"]
  force_deregister      = true
  force_delete_snapshot = true

  tags = {
    Name          = "nomad"
    Base_AMI_ID   = data.amazon-ami.ubuntu_server_lts.id
    Base_AMI_Name = data.amazon-ami.ubuntu_server_lts.name
    OS_Version    = "Ubuntu"
    Release       = "24.04 LTS"
    Description   = "Base image for EC2 instances on Nomad cluster"
  }

  snapshot_tags = {
    Name        = "nomad"
    Description = "Base image for EC2 instances on Nomad cluster"
  }
}

Packer version

v1.9.4

Simplified Packer Template

Operating system and Environment details

Darwin Eugens-MacBook-Pro.local 23.5.0 Darwin Kernel Version 23.5.0: Wed May 1 20:09:52 PDT 2024; root:xnu-10063.121.3~5/RELEASE_X86_64 x86_64 i386 Darwin
@github-actions github-actions bot mentioned this issue Jul 5, 2024
Closed
@EugenKon
Copy link

EugenKon commented Jul 5, 2024

As a temporary workaround I commented out ami_org_arns option and applied ARN manually via AWS Console:
image

@lbajolet-hashicorp
Copy link
Contributor

Hi @EugenKon,

Thanks for reporting this, regarding the error you're getting, that's from the AWS APIs it seems, but it's hard to understand the root cause of the issue here without more information.

Looking at your example though it seems the organisation ARN you provide might be an organisational unit ARN instead? If so you should use the ami_ou_arns attribute instead?

Regarding the docs, we lean on AWS for this, you can find the patterns in their API docs: Organisation ARN for example.

Let me know if that helps; in the meantime I imagine that we could regex the data provided in order to make sure it fits what's requested, this way you won't have to wait until the AMI gets pushed for it to error, especially as the docs provide the regexes for this work. I'll make a note of that.

@lbajolet-hashicorp lbajolet-hashicorp mentioned this issue Jul 16, 2024
Open
@EugenKon
Copy link

I was blind. How could I miss ami_ou_arns??? I have not tried yet, but I suppose it should work.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@hc-github-team-packer @lbajolet-hashicorp @EugenKon