From 001db8ef996079948f63636f44613736ef8d6f3d Mon Sep 17 00:00:00 2001
From: Jake Buchholz <tomalok@gmail.com>
Date: Sat, 13 Jun 2020 17:24:33 -0700
Subject: [PATCH] Optional AWS Profile & Cross-Account Access

Allows encoding of the AWS profile to use in the build profile, and enabling the built AMI with a list of AWS accounts that are allowed access.
---
 packer.conf     | 4 +++-
 profiles/base/1 | 2 ++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/packer.conf b/packer.conf
index e741255..04962bf 100644
--- a/packer.conf
+++ b/packer.conf
@@ -4,7 +4,8 @@
 
 builders = [
   {
-    type = "amazon-ebssurrogate"
+    type    = "amazon-ebssurrogate"
+    profile = "{{user `aws_profile`}}"
 
     ### Builder Instance Details
 
@@ -60,6 +61,7 @@ builders = [
     }
     ena_support   = "true"
     sriov_support = "true"
+    ami_users     = "{{user `aws_users`}}"
   }
 ]
 
diff --git a/profiles/base/1 b/profiles/base/1
index 8ba6ff8..53cb819 100644
--- a/profiles/base/1
+++ b/profiles/base/1
@@ -26,6 +26,8 @@ build_ami_owner       = "137112412989"
 build_ami_latest      = "true"
 
 # AMI build/deploy
+aws_profile     = null  # AWS profile to build AMI
+aws_accounts    = null  # comma-separated AWS accounts allowed to launch AMI
 ami_name_prefix = "alpine-ami-"
 ami_name_suffix = ""
 ami_desc_prefix = "Alpine Linux "