Copying an encrypted AMI (with Encrypted snapshot) to different regions failing with unsupported operation

[Anmol Porwal]

I am getting following error while copying an encrypted AMI (with encrypted snapshot) to different regions : Error modify AMI attributes: UnsupportedOperation: Encrypted snapshots can’t be shared publicly. Specify another snapshot.

My config.json builder is somewhat like this:

{
  "name": "amzn-web",
  "type": "amazon-ebs",
  "region": "{{user `region`}}",
  "source_ami": "{{user `source_ami`}}",
  "instance_type": "m3.medium",
  "ssh_username": "ec2-user",
  "ssh_timeout": "5m",
  "ami_name": "{{user `ami_name`}}",

  "ami_groups": ["all"],
  "ami_regions": "{{user `ami_regions`}}",
  "region_kms_key_ids": {
    "eu-central-1": "",
    "ap-south-1": ""
  },
  "kms_key_id": "key_id",
  "encrypt_boot": true,
  "snapshot_groups": ["all"]
}

Although on checking the AMI's on console I can see all the AMI's are created with private visibility and the snapshots are also mounted (checked by launching the AMI). Snapshots are also having private visibility.

I am guessing it's trying to make the snapshots public - do we have any option to have it private only ? or am I guessing something wrong and there's some correction / update needed in my config.json ?

[Anmol Porwal]

Update: the problem seems to be because of the key "ami_groups" which is supposed to share the ami publicly - and hence packer errors out with the above error.

I have tried running the packer build command without "ami_groups" key in the config and it worked as expected.