Create AWS AMI policy, IAMgGroup and IAM user for Hashicorp Packer

This tutorails helps you to create a AWS AMI policy, IAMgGroup and IAM user for Hashicorp Packer execution so Packer should get only needed access than all.

Step 1 – Create an IAM User named “packer_user” in AWS .

Step 2 – Create a custom inline Policy named “packer_ami_policy” as shown

{ 
      "Version": "2012-10-17", 
      "Statement": [ 
     { 
            "Effect": "Allow", 
            "Action": [ 
                 "ec2:AttachVolume", 
                 "ec2:AuthorizeSecurityGroupIngress", 
                 "ec2:CopyImage", 
                 "ec2:CreateImage", 
                 "ec2:CreateKeypair", 
                 "ec2:CreateSecurityGroup", 
                 "ec2:CreateSnapshot", 
                 "ec2:CreateTags", 
                 "ec2:CreateVolume", 
                 "ec2:DeleteKeypair", 
                 "ec2:DeleteSecurityGroup", 
                 "ec2:DeleteSnapshot", 
                 "ec2:DeleteVolume", 
                 "ec2:DeregisterImage", 
                 "ec2:DescribeImageAttribute", 
                 "ec2:DescribeImages", 
                 "ec2:DescribeInstances", 
                 "ec2:DescribeRegions", 
                 "ec2:DescribeSecurityGroups", 
                 "ec2:DescribeSnapshots", 
                 "ec2:DescribeSubnets", 
                 "ec2:DescribeTags", 
                 "ec2:DescribeVolumes", 
                 "ec2:DetachVolume", 
                 "ec2:GetPasswordData", 
                 "ec2:ModifyImageAttribute", 
                 "ec2:ModifyInstanceAttribute", 
                 "ec2:ModifySnapshotAttribute", 
                 "ec2:RegisterImage", 
                 "ec2:RunInstances", 
                 "ec2:StopInstances", 
                 "ec2:TerminateInstances" 
            ], 
            "Resource": "*" 
     } 
      ] 
 } 

Step 3 – Attach the created Policy “packer_ami_policy” to user “packer_user”

«

Prev

1

/

1

Next

»

AWS Certified Solutions Architect Associate Tutorials – IAM – 2019 – Part-1

AWS Certified Solutions Architect Associate Tutorials – IAM – 2019 – Part-2

AWS Certified Solutions Architect Associate Tutorials – S3 – 2019 – Part-3

AWS Certified Solutions Architect Associate Tutorials – S3 – 2019 – Part-4

AWS Certified Solutions Architect Associate Tutorials – SQS-SNS – 2019 – Part-5

AWS Certified Solutions Architect Associate Tutorials – SNS-WATCH-TRAIL-LAMBDA – 2019 – Part-6

AWS Certified Solutions Architect Associate Tutorials – CloudFormation – 2019 – Part-7

AWS Certified Solutions Architect Associate Tutorials – DynamoDB – 2019 – Part-8

AWS Certified Solutions Architect Associate Tutorials – Redshift – 2019 – Part-9

AWS Certified Solutions Architect Associate Tutorials – Route53 – 2019 – Part-10

AWS Certified Solutions Architect Associate Tutorials – RDS-SNOWBALL – 2019 – Part-11

AWS Certified Solutions Architect Associate Tutorials – VPC – 2019 – Part-12

AWS Certified Solutions Architect Associate Tutorials – VPC – 2019 – Part-13

AWS Certified Solutions Architect Associate Tutorials – VPC – 2019 – Part-14

«

Prev

1

/

1

Next

»

• Author
• Recent Posts

Follow me

Rajesh Kumar

Mentor for DevOps - DevSecOps - SRE - Cloud - Container & Micorservices at Software AG

Join my following certification courses...
- DevOps Certified Professionals (DCP)
- Site Reliability Engineering Certified Professionals (SRECP)
- Master in DevOps Engineering (MDE)
- DevSecOps Certified Professionals (DSOCP)
URL - https://www.devopsschool.com/certification/

My Linkedin - https://www.linkedin.com/in/rajeshkumarin

Follow me

Latest posts by Rajesh Kumar (see all)

• Best AI tools for Software Engineers - November 4, 2024
• Installing Jupyter: Get up and running on your computer - November 2, 2024
• An Introduction of SymOps by SymOps.com - October 30, 2024