Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
Support S3 and AMI encryption in amazon-import post-processor #7396
This adds support to the amazon-import post-processor for encryption to both the S3 artifact and the resulting AMI. It allows for encryption in S3 with KMS or AES256, and the resulting AMI using KMS. It doesn't support an 'SSE-C' customer supplied AES key for S3 as the VM import service doesn't have support for this (despite a lack of documentation on this). I have a ticket open with AWS to clarify their documentation around SSE-C and VM import. If AWS adds support for this in the future it will be easy to add to this code.
This adds 4 new config parameters as described in the updated documentation.
Output of various test runs at https://gist.github.com/c0sco/084f0407512c236dfdf0118e9f209e9e