
How do I copy an encrypted AMI from one AWS account to another?


Currently I am using Packer to create a custom AMI and I would like to share it with multiple AWS accounts for our deployment pipeline.

Since I have "encrypt_boot": true, I get this error: Errors validating build 'amazon-ebs'. 1 error(s) occurred: * Cannot share AMI encrypted with default KMS key

Would anyone know how I can share an encrypted AMI to multiple AWS accounts?


Solution

  • As other people mentioned, you will have to use a CMK to be able to encrypt and share snapshots with your other accounts.

    You specify the key in the Packer configuration with kms_key_id and provide a list of target account IDs that are allowed to use the snapshots with snapshot_users. You can then use packer-post-processor-ami-copy to copy the AMI into other accounts.
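
A Packer template fragment showing the builder settings the answer names, as an added example that is not part of the original answer. The account IDs, key ARN, source AMI, region, instance type and AMI name are constructed placeholders.

```json
{
  "_comment": "Added example, not from the original answer. Account IDs, key ARN, source AMI and names are constructed placeholders.",
  "variables": {
    "kms_key_arn": "arn:aws:kms:us-east-1:111111111111:key/REPLACE-WITH-CMK-ID"
  },
  "builders": [
    {
      "type": "amazon-ebs",
      "region": "us-east-1",
      "source_ami": "ami-REPLACE-ME",
      "instance_type": "t3.micro",
      "ssh_username": "ec2-user",
      "ami_name": "shared-encrypted-{{timestamp}}",
      "encrypt_boot": true,
      "kms_key_id": "{{user `kms_key_arn`}}",
      "ami_users": ["222222222222", "333333333333"],
      "snapshot_users": ["222222222222", "333333333333"]
    }
  ]
}
```

The CMK's key policy must also allow the target accounts to use the key, otherwise they can see the shared snapshot but cannot decrypt or copy it. Listing only the accounts that need the image in `ami_users` and `snapshot_users` keeps the sharing scope minimal.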