Hi,
recently we enable ap-southeast-3 aka Jakarta to deploy our service, when we try to copy our AMI from ap-northeast-1 to ap-southeast-3, we will get below error message but other region won’t happened.
(https://aws.amazon.com/blogs/aws/now-open-aws-asia-pacific-jakarta-region/)
- Error Copying AMI (ami-0cb4ca3f7d8718b3c) to region (ap-southeast-3): AuthFailure: AWS was not able to validate the provided access credentials
status code: 401, request id: e723dfe8-1eab-4624-8457-a05720e70845
We use the same IAM user and role to run every AMI build. (The role have full administrator access)
Strangely, if we execute copy-image using aws cli command, the image can be successfully copied to ap-southeast-3.
aws ec2 copy-image --profile Packer --region ap-southeast-3 --name packer-build-rhel7 --source-region ap-northeast-1 --source-image-id ami-088f560cb66123456 --description ‘This is my copied image.’
We use the same IAM user and role, so there will be no authentication or permissions issues as other regions do not have this issue.
This makes us guess whether Jakarta has not been supported yet ? or other reason I miss to configuration ?
Thank you!
packer_log.txt (12.1 KB)
=======Our ENV=====
Packer version: 1.8.4
OS: RHEL 7.9
===Packer Code===
locals {
timestamp = regex_replace(timestamp(), "[- TZ:]", "")
}
source "amazon-ebs" "template" {
assume_role {
role_arn = var.assume_role_arn
session_name = trim("Testing-Packer-${var.environment}-${var.system}-${var.component}", "-")
}
instance_type = var.aws_instance_type
region = var.aws_region
access_key = var.aws_access_key
secret_key = var.aws_secret_key
launch_block_device_mappings {
delete_on_termination = true
device_name = "/dev/sda1"
volume_size = 30
volume_type = "gp3"
}
security_group_ids = var.security_group_ids
subnet_id = var.subnet_id
source_ami = var.aws_ami_id
ami_description = "Testing-RedHat-7-GoldenAMI"
ami_name = "Testing-packer-build-RedHat-7-GoldenAMI_${local.timestamp}"
ami_users = var.ami_users
ami_regions = var.ami_distributed_regions
skip_region_validation = true
associate_public_ip_address = false
disable_stop_instance = false
shutdown_behavior = "terminate"
ssh_username = "ec2-user"
run_tags = {
Name = "Testing-packer-build-RedHat-7-GoldenAMI_${local.timestamp}"
}
tags = {
Name = "Testing-packer-build-RedHat-7-GoldenAMI_${local.timestamp}"
}
}
build {
sources = [
"source.amazon-ebs.template"
]
}