Regression in 1.3.7 : amazon-ebs builder fails to launch a source AWS instance

[Dalzhim]

Overview of the Issue

The command packer build . hangs for approximately 3 minutes ±10 seconds right after logging Creating temporary security group for this instance: packer_XXXXX. The subsequent expected log ==> phonetix.amazon-ebs.phonetix: Launching a source AWS instance... never shows up. Then, the following is logged:

==> my-ami.amazon-ebs.phonetix: Deleting temporary security group...
==> my-ami.amazon-ebs.phonetix: Deleting temporary keypair...
Build 'my-ami.amazon-ebs.phonetix' errored after 3 minutes 2 seconds: Couldn't find specified instance profile: RequestError: send request failed
caused by: Post "https://iam.amazonaws.com/": net/http: TLS handshake timeout

Reproduction Steps

1. Install the 1.3.6 release
2. Run packer init . and packer build .
3. Wait until successful completion
4. Install the 1.3.7 release
5. Run packer init . and packer build .
6. Wait until timeout

Plugin and Packer version

packer version : Packer v1.13.1

$ packer version
Packer v1.13.1

$ packer plugins installed
/root/.config/packer/plugins/github.com/hashicorp/amazon/packer-plugin-amazon_v1.3.6_x5.0_linux_arm64
/root/.config/packer/plugins/github.com/hashicorp/amazon/packer-plugin-amazon_v1.3.7_x5.0_linux_arm64
/root/.config/packer/plugins/github.com/hashicorp/ansible/packer-plugin-ansible_v1.1.3_x5.0_linux_arm64

Simplified Packer Buildfile

packer {
  required_plugins {
    amazon = {
      version = "= 1.3.7"
      source  = "github.com/hashicorp/amazon"
    }
  }
}

source "amazon-ebs" "test" {
  ami_name             = "test"
  instance_type        = "t4g.small"
  region               = "ca-central-1"
  source_ami_filter {
    filters = {
       virtualization-type = "hvm"
       name = "ubuntu/images/hvm-ssd-gp3/ubuntu-noble-24.04-arm64-server-*"
       root-device-type = "ebs"
    }
    owners = ["099720109477"]
    most_recent = true
  }
  ssh_username         = "ubuntu"
  ssh_interface        = "session_manager"
  communicator         = "ssh"
  iam_instance_profile = "my-profile"
  force_deregister = true
  force_delete_snapshot = true
  launch_block_device_mappings {
    device_name           = "/dev/sda1"
    volume_size           = 64
    encrypted             = false
    delete_on_termination = true
  }
  vpc_filter {
    filters = {
      "isDefault" : "true",
    }
  }
  subnet_filter {
    most_free = true
    random    = false
  }
}

build {
  name = "test"
  sources = [
    "source.amazon-ebs.test"
  ]
  provisioner "shell" {
    inline = [
      "sudo cloud-init status --wait"
    ]
  }
}

Operating system and Environment details

Docker is installed on a virtual machine running Ubuntu Server 24.04 LTS aarch64 on a Apple arm64 machine running macOS 15.4.1. The corporate network does not have a proxy. Recently had a similar timeout issue with Docker itself that is tracked here: https://github.com/moby/moby/issues/50035#issuecomment-3005928592

Log Fragments and crash.log files

2025/06/25 16:07:45 packer-plugin-amazon_v1.3.7_x5.0_linux_arm64 plugin: 2025/06/25 16:07:45 [INFO] Finding AZ and VpcId for the given subnet 'subnet-XXXX'
2025/06/25 16:07:45 packer-plugin-amazon_v1.3.7_x5.0_linux_arm64 plugin: 2025/06/25 16:07:45 [INFO] AvailabilityZone found: 'ca-central-1b'
==> test.amazon-ebs.test: Creating temporary keypair: packer_XXXX
==> test.amazon-ebs.test: Creating temporary security group for this instance: packer_XXXX
2025/06/25 16:07:46 packer-plugin-amazon_v1.3.7_x5.0_linux_arm64 plugin: 2025/06/25 16:07:46 [DEBUG] Waiting for temporary security group: sg-XXXX
2025/06/25 16:07:46 packer-plugin-amazon_v1.3.7_x5.0_linux_arm64 plugin: 2025/06/25 16:07:46 [DEBUG] Found security group sg-XXXX
2025/06/25 16:10:30 packer-plugin-amazon_v1.3.7_x5.0_linux_arm64 plugin: 2025/06/25 16:10:30 [DEBUG] Couldn't find specified instance profile: RequestError: send request failed
2025/06/25 16:10:30 packer-plugin-amazon_v1.3.7_x5.0_linux_arm64 plugin: caused by: Post "https://iam.amazonaws.com/": net/http: TLS handshake timeout
==> test.amazon-ebs.test: Deleting temporary security group...
==> test.amazon-ebs.test: Deleting temporary keypair...

[Dalzhim]

An hypothesis in the related Docker issue was that the golang version bump might have been the culprit for the regression. It seems that packer-plugin-amazon also had a golang version bump in the 1.23.X serie. The docker issue has been solved by more recent version based on more recent golang versions in the 1.24.X serie.