From cfd6b6fed5a9b292c989a5843d40daafc9f0d100 Mon Sep 17 00:00:00 2001
From: Mark Meyer <mark@ofosos.org>
Date: Tue, 3 Oct 2017 00:05:40 +0200
Subject: [PATCH] Change EBS builder to do tag-on-creation

The EBS builder will now use the tag-on-creation pattern, so
that it's possible to restrict packer to only create volumes that are
properly tagged by using an AWS policy.
---
 .../amazon/common/step_run_source_instance.go | 26 ++++++++++++++++++-
 builder/amazon/ebs/builder.go                 |  5 +---
 2 files changed, 26 insertions(+), 5 deletions(-)

diff --git a/builder/amazon/common/step_run_source_instance.go b/builder/amazon/common/step_run_source_instance.go
index 5a864a5e4..c5d1f9a87 100644
--- a/builder/amazon/common/step_run_source_instance.go
+++ b/builder/amazon/common/step_run_source_instance.go
@@ -33,6 +33,7 @@ type StepRunSourceInstance struct {
 	SpotPriceProduct                  string
 	SubnetId                          string
 	Tags                              map[string]string
+	VolumeTags                        map[string]string
 	UserData                          string
 	UserDataFile                      string
 	Ctx                               interpolate.Context
@@ -151,6 +152,14 @@ func (s *StepRunSourceInstance) Run(state multistep.StateBag) multistep.StepActi
 	}
 	ReportTags(ui, ec2Tags)
 
+	volTags, err := ConvertToEC2Tags(s.VolumeTags, *ec2conn.Config.Region, s.SourceAMI, s.Ctx)
+	if err != nil {
+		err := fmt.Errorf("Error tagging volumes: %s", err)
+		state.Put("error", err)
+		ui.Error(err.Error())
+		return multistep.ActionHalt
+	}
+
 	if spotPrice == "" || spotPrice == "0" {
 
 		runOpts := &ec2.RunInstancesInput{
@@ -165,16 +174,31 @@ func (s *StepRunSourceInstance) Run(state multistep.StateBag) multistep.StepActi
 			EbsOptimized:        &s.EbsOptimized,
 		}
 
+		var tagSpecs []*ec2.TagSpecification
+
 		if len(ec2Tags) > 0 {
 			runTags := &ec2.TagSpecification{
 				ResourceType: aws.String("instance"),
 				Tags:         ec2Tags,
 			}
 
-			runOpts.SetTagSpecifications([]*ec2.TagSpecification{runTags})
+			tagSpecs = append(tagSpecs, runTags)
 			createTagsAfterInstanceStarts = false
 		}
 
+		if len(volTags) > 0 {
+			runVolTags := &ec2.TagSpecification{
+				ResourceType: aws.String("volume"),
+				Tags:         volTags,
+			}
+
+			tagSpecs = append(tagSpecs, runVolTags)
+		}
+
+		if len(tagSpecs) > 0 {
+			runOpts.SetTagSpecifications(tagSpecs)
+		}
+
 		if keyName != "" {
 			runOpts.KeyName = &keyName
 		}
diff --git a/builder/amazon/ebs/builder.go b/builder/amazon/ebs/builder.go
index c31da73a3..5c1b0128b 100644
--- a/builder/amazon/ebs/builder.go
+++ b/builder/amazon/ebs/builder.go
@@ -152,13 +152,10 @@ func (b *Builder) Run(ui packer.Ui, hook packer.Hook, cache packer.Cache) (packe
 			AvailabilityZone:         b.config.AvailabilityZone,
 			BlockDevices:             b.config.BlockDevices,
 			Tags:                     b.config.RunTags,
+			VolumeTags:               b.config.VolumeRunTags,
 			Ctx:                      b.config.ctx,
 			InstanceInitiatedShutdownBehavior: b.config.InstanceInitiatedShutdownBehavior,
 		},
-		&awscommon.StepTagEBSVolumes{
-			VolumeRunTags: b.config.VolumeRunTags,
-			Ctx:           b.config.ctx,
-		},
 		&awscommon.StepGetPassword{
 			Debug:   b.config.PackerDebug,
 			Comm:    &b.config.RunConfig.Comm,