# File 'lib/vagrant-aws-winrm/capability.rb', line 8
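# Resolves the WinRM password for a machine whose Vagrantfile sets
# `config.winrm.password` to the sentinel `:aws`.
#
# The encrypted administrator password is fetched from EC2 and decrypted
# with each configured SSH private key in turn until one succeeds. The
# plaintext is written to `machine.config.winrm.password` and is never
# logged; only key paths, region, endpoint and instance id are logged.
#
# Resolution is best effort. If EC2 returns no password data, or no
# configured key can decrypt it, the password is left as `:aws` and a
# warning is logged.
#
# @param machine the Vagrant machine whose WinRM password is resolved
# @return [Hash] always an empty hash; the result is the side effect on
#   `machine.config.winrm.password`
def self.winrm_info(machine)
  logger = Log4r::Logger.new("vagrant_aws_winrm::capability::winrm_info")
  return {} unless machine.config.winrm.password == :aws

  machine.ui.info('Getting WinRM password from AWS...')
  provider_config = machine.provider_config
  credentials = ::Aws::Credentials.new(provider_config.access_key_id, provider_config.secret_access_key)
  region = provider_config.region
  endpoint = provider_config.get_region_config(region).endpoint

  options = { region: region, credentials: credentials }
  options[:endpoint] = endpoint if endpoint

  logger.info("Getting password data from AWS...")
  logger.info(" -- Region: #{region}")
  logger.info(" -- Endpoint: #{endpoint}") if endpoint
  logger.info(" -- Instance ID: #{machine.id}")

  ec2 = Aws::EC2::Client.new(options)
  password_data = ec2.get_password_data({ instance_id: machine.id }).password_data

  # EC2 returns an empty value until the instance has generated its password.
  # Attempting a decrypt would only emit one misleading failure per key.
  if password_data.nil? || password_data.strip.empty?
    logger.warn("No password data available yet for instance #{machine.id}; WinRM password left unresolved")
    return {}
  end
  password_data_bytes = Base64.decode64(password_data)

  decrypted = false
  # private_key_path may be unset (nil); Array() turns that into an empty list.
  Array(machine.config.ssh.private_key_path).each do |candidate|
    key_path = File.expand_path(candidate)
    logger.info("Decrypting password data using #{key_path}")
    begin
      # Key loading sits inside the rescue so that a non-RSA, malformed or
      # unreadable key file is skipped instead of aborting the whole lookup.
      # NOTE(review): a passphrase-protected key may prompt on the terminal here.
      rsa = OpenSSL::PKey::RSA.new(File.read(key_path))
      machine.config.winrm.password = rsa.private_decrypt(password_data_bytes)
    rescue OpenSSL::PKey::PKeyError, SystemCallError
      logger.warn("Failed to decrypt password data using #{key_path}")
      next
    end
    logger.info("Successfully decrypted password data using #{key_path}")
    decrypted = true
    break
  end

  logger.warn("None of the configured private keys could decrypt the password data") unless decrypted
  {}
end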