osbuild-composer provides the users with a convenient way to upload images directly to AWS right after the image is built. Before you can use this feature, you have to define
vmimport IAM role in your AWS account. See VM Import/Export Requirements in AWS documentation.
Now, you are ready to upload your first image to AWS. Using a text editor of your choice, create a configuration file with the following content:
provider = "aws" [settings] accessKeyID = "AWS_ACCESS_KEY_ID" secretAccessKey = "AWS_SECRET_ACCESS_KEY" bucket = "AWS_BUCKET" region = "AWS_REGION" key = "OBJECT_KEY"
There are several considerations when filling values in this file:
AWS_BUCKETmust be in the
AWS_BUCKETmust be created in AWS prior to running the script
vmimportrole must have read access to the
AWS_BUCKETplease see this guide on how to do so: How to create vmimport role
OBJECT_KEYis the name of an intermediate S3 object. It must not exist before the upload, and it will be deleted when the process is done.
If your authentication method requires you to also specify a session token, you can put it in the
settingssection of the configuration file in a field named
Once everything is configured, you can trigger a compose as usual with additional image name and cloud provider profile:
$ sudo composer-cli compose start <image_name> ami IMAGE_KEY aws-config.toml
where IMAGE_KEY will be the name of your new AMI, once it is uploaded to EC2.