mschultz-aofl

It's been almost two weeks - has anyone been able to replicate/identify this as a bug or if there just something I'm missing?

Hi @stevendpclark interesting thought. I had assumed it was an atomic command - that is, when the API returned control, the migration was completed. As this is happening automatically through...

@stevendpclark I figured it out. The seal was attempting to migrate AWSKMS to AWSKMS, not to the Shamir seal. If you note in my commands, the `export VAULT_SEAL_TYPE=awskms` variable was...

Yes, this isn't well documented, but in short: When using awskms, you create a set of recovery keys. Note: These are not unseal keys - they're only used for regenerating...

I use packer to generate the shell script and toss it in that path, with the password in there. It's a restricted path, and the password is set per machine...

So I don't think it's there. If you look here: https://github.com/aws/ec2-macos-init/blob/e83f1a6ad84142b9c5d07e8ed5ad79af1e9c5923/lib/ec2macosinit/config.go#L93-L105 You can see it retries 100 times. I think just modifying this would be the easiest thing to do....

I can confirm, I'm experiencing this same issue. I was directed to use ec2-macos-init by AWS support engineers. I see the same behavior as above, no userdata file is created...