SCP i have that appears to work:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Deny",
"Action": "ec2:*"
"Resource": "arn:aws:ec2:*:*:image/ami-*",
"Condition": {
## using ubuntu jammy 22 lts docker image | |
docker pull ubuntu:jammy | |
apt update | |
apt install -y curl OR apt install -y wget (wget has less dependencies??) | |
##% curl dep overlap with azure-cli, so may as well curl? | |
curl https://releases.hashicorp.com/terraform/1.7.5/terraform_1.7.5_linux_arm.zip > /tmp/terraform.zip | |
apt install -y unzip | |
unzip /tmp/terraform.zip -d /usr/local/bin |
SCP i have that appears to work:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Deny",
"Action": "ec2:*"
"Resource": "arn:aws:ec2:*:*:image/ami-*",
"Condition": {
xxxxxxxx2016
denyleavingorgs
at root levelimage-factory
acctID xxxxxxxx3352
where AMIs would be created/shared fromlab2024
acctID xxxxxxxx6393
--- | |
- hosts: all | |
vars: | |
volumename: f8_ssd | |
vcenter_hostname: esxifreename.fqdn | |
esxi_hostname: esxifreename.fqdn | |
vm_scsi: paravirtual | |
vm_osid: rhel7_64Guest | |
template_path_vmdk: template_rhel7.4/rhel7.4_0.vmdk |