Create AWS AMI policy, IAM group and IAM user for HashiCorp Packer

This tutorial helps you create an AWS AMI policy, IAM group and IAM user for HashiCorp Packer execution, so that Packer gets only the access it needs rather than full access.

Step 1 – Create an IAM User named “packer_user” in AWS.

Step 2 – Create a custom inline Policy named “packer_ami_policy” as shown below:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "ec2:AttachVolume",
                "ec2:AuthorizeSecurityGroupIngress",
                "ec2:CopyImage",
                "ec2:CreateImage",
                "ec2:CreateKeypair",
                "ec2:CreateSecurityGroup",
                "ec2:CreateSnapshot",
                "ec2:CreateTags",
                "ec2:CreateVolume",
                "ec2:DeleteKeypair",
                "ec2:DeleteSecurityGroup",
                "ec2:DeleteSnapshot",
                "ec2:DeleteVolume",
                "ec2:DeregisterImage",
                "ec2:DescribeImageAttribute",
                "ec2:DescribeImages",
                "ec2:DescribeInstances",
                "ec2:DescribeRegions",
                "ec2:DescribeSecurityGroups",
                "ec2:DescribeSnapshots",
                "ec2:DescribeSubnets",
                "ec2:DescribeTags",
                "ec2:DescribeVolumes",
                "ec2:DetachVolume",
                "ec2:GetPasswordData",
                "ec2:ModifyImageAttribute",
                "ec2:ModifyInstanceAttribute",
                "ec2:ModifySnapshotAttribute",
                "ec2:RegisterImage",
                "ec2:RunInstances",
                "ec2:StopInstances",
                "ec2:TerminateInstances"
            ],
            "Resource": "*"
        }
    ]
}

Step 3 – Attach the created Policy “packer_ami_policy” to user “packer_user”
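
A quick audit of the policy from Step 2, added here as an example (it is not code from the original tutorial): it lists which state-changing EC2 actions the statement grants on every resource with no Condition. The Describe/Get/List read-only heuristic, the function names and the builder=packer tag in the contrast policy are assumptions made for the illustration.

```python
import json

# Action names copied from the page's packer_ami_policy (condensed to save space).
PAGE_ACTIONS = """AttachVolume AuthorizeSecurityGroupIngress CopyImage CreateImage
CreateKeypair CreateSecurityGroup CreateSnapshot CreateTags CreateVolume DeleteKeypair
DeleteSecurityGroup DeleteSnapshot DeleteVolume DeregisterImage DescribeImageAttribute
DescribeImages DescribeInstances DescribeRegions DescribeSecurityGroups DescribeSnapshots
DescribeSubnets DescribeTags DescribeVolumes DetachVolume GetPasswordData
ModifyImageAttribute ModifyInstanceAttribute ModifySnapshotAttribute RegisterImage
RunInstances StopInstances TerminateInstances""".split()
PAGE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["ec2:" + a for a in PAGE_ACTIONS], "Resource": "*"}]})

# Constructed contrast: the same kind of grant, limited by a hypothetical tag.
SCOPED_POLICY = json.dumps({"Version": "2012-10-17", "Statement": {
    "Effect": "Allow", "Action": "ec2:TerminateInstances", "Resource": "*",
    "Condition": {"StringEquals": {"aws:ResourceTag/builder": "packer"}}}})

# Assumption: treat Describe*/Get*/List* as read-only; everything else changes state.
READ_PREFIXES = ("describe", "get", "list")

def as_list(value):
    """IAM allows a single string or object where a list is expected."""
    return [value] if isinstance(value, (str, dict)) else list(value)

def unscoped_writes(policy_json):
    """Return (statement index, action) for each state-changing action that an
    Allow statement grants on Resource "*" with no Condition block."""
    findings = []
    for idx, stmt in enumerate(as_list(json.loads(policy_json)["Statement"])):
        if stmt.get("Effect") != "Allow" or stmt.get("Condition"):
            continue
        if "*" not in as_list(stmt.get("Resource", [])):
            continue
        for action in as_list(stmt.get("Action", [])):
            name = action.partition(":")[2] or action  # bare "*" has no service prefix
            if not name.lower().startswith(READ_PREFIXES):
                findings.append((idx, action))
    return findings

if __name__ == "__main__":
    for idx, action in unscoped_writes(PAGE_POLICY):
        print(f"statement {idx}: {action} is allowed on every resource")
    print("scoped example findings:", unscoped_writes(SCOPED_POLICY))
```

Against the page's policy this reports 22 of the 32 actions, ec2:TerminateInstances among them; those are the grants to consider narrowing with resource ARNs or tag conditions. Statements that use NotAction or NotResource are outside what this check covers.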

Rajesh Kumar