[cloud] Remove AWS public image access block only if not already unblocked

author Michael Brown <mcb30@ipxe.org>

Mon, 20 Oct 2025 11:56:34 +0000 (12:56 +0100)

committer Michael Brown <mcb30@ipxe.org>

Mon, 20 Oct 2025 11:58:03 +0000 (12:58 +0100)
author Michael Brown <mcb30@ipxe.org>
Mon, 20 Oct 2025 11:56:34 +0000 (12:56 +0100)
committer Michael Brown <mcb30@ipxe.org>
Mon, 20 Oct 2025 11:58:03 +0000 (12:58 +0100)
diff --git a/contrib/cloud/aws-import b/contrib/cloud/aws-import

index 8ec71f454a90522301d0296d2d84460f5c8cdce8..77c0fd0f78fe8cf7f51be10d5773435ac77f3241 100755 (executable)
--- a/contrib/cloud/aws-import
+++ b/contrib/cloud/aws-import
@@ -104,7 +104,9 @@ def import_image(region, name, family, architecture, image, public, overwrite,
      image_id = image['ImageId']
      client.get_waiter('image_available').wait(ImageIds=[image_id])
      if public:
-        client.disable_image_block_public_access()
+        image_block = client.get_image_block_public_access_state()
+        if image_block['ImageBlockPublicAccessState'] != 'unblocked':
+            client.disable_image_block_public_access()
          resource.Image(image_id).modify_attribute(Attribute='launchPermission',
                                                    OperationType='add',
                                                    UserGroups=['all'])
author	Michael Brown <mcb30@ipxe.org>
	Mon, 20 Oct 2025 11:56:34 +0000 (12:56 +0100)
committer	Michael Brown <mcb30@ipxe.org>
	Mon, 20 Oct 2025 11:58:03 +0000 (12:58 +0100)