knife-ec2 0.15.0 → 0.16.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 889db53ef2c074e00e6f39d699546e1c559aa8aa
-  data.tar.gz: 9295959d153ee997e857113dde66c746435502a3
+  metadata.gz: 0453d28ca1ee7ca9304f301fb2cf3e441cb10831
+  data.tar.gz: bee091b5395aa6fc75fed85f9810b29ba7547b5e
 SHA512:
-  metadata.gz: f7921659633817867c17ddfcde5f256128761e8b5c9c1a675786099a4244d5d134aed0df8b8c2f6bb915df8fe1de24ef1ced5fdfab98981ad27635a8b4b1935a
-  data.tar.gz: 713004b60d245461dc9bede11abac218cc29b77fc898207abc2388d0d5bf45b1fb4fd59575328e00a38d3f56d22252f6f3cc812389a54289f12a905ea27bbcb3
+  metadata.gz: 01ccbc1d97798ae53cf5c6155d3398dc7c5ab0727e99effc608ff624f8b72cfca9b36ffd4e19c48e6d5c5baff263cde0060d490f410d437bace8e145aaf44258
+  data.tar.gz: 88b79da6a34a5cc3292b202951b327b4bbb6f1124da79ef705a4efe20d64dcddffdc235ccc8cb117ca2fd7dde929bbd7c8186d7608f9d656e56a94dee8a2773a

data/.github/ISSUE_TEMPLATE.md

@@ -0,0 +1,21 @@
+# Version:
+
+[Version of the project installed]
+
+# Environment: [Details about the environment such as the Operating System, cookbook details, etc...]
+
+# Scenario:
+
+[What you are trying to achieve and you can't?]
+
+# Steps to Reproduce:
+
+[If you are filing an issue what are the things we need to do in order to repro your problem?]
+
+# Expected Result:
+
+[What are you expecting to happen as the consequence of above reproduction steps?]
+
+# Actual Result:
+
+[What actually happens after the reproduction steps?]

data/.travis.yml

@@ -1,14 +1,27 @@
 language: ruby
 cache: bundler
+dist: trusty
 sudo: false
 
 # Early warning system to catch if Rubygems breaks something
 before_install:
   - gem update --system
+  - gem uninstall bundler -a -x
   - gem install bundler
   - rm -f .bundle/config
 
 rvm:
-  - 2.2.5
-  - 2.3.1
+  - 2.2.7
+  - 2.3.4
+  - 2.4.1
+  - ruby-head
+  
+matrix:
+  allow_failures:
+    - rvm: ruby-head
+
 script: bundle exec rake spec
+
+branches:
+  only:
+  - master

data/CHANGELOG.md

@@ -5,6 +5,15 @@ Note: this log contains only changes from knife-ec2 release 0.8.0 and later
 prior to release 0.8.0, please visit the [source repository](https://github.com/chef/knife-ec2/commits).
 
 
+## Latest Release 0.16.0 (2017-11-07)
+* [knife-ec2:#503](https://github.com/chef/knife-ec2/pull/503) Update list of instance_types that support ebs-encryption.
+* [knife-ec2:#496](https://github.com/chef/knife-ec2/pull/496) Change Winrm cert to 10 year expiry.
+* [knife-ec2:#492](https://github.com/chef/knife-ec2/pull/492) Added support to tag node details to chef.
+* [knife-ec2:#490](https://github.com/chef/knife-ec2/pull/490) Improper alignment of EC2 flavor list.
+* [knife-ec2:#489](https://github.com/chef/knife-ec2/pull/489) Added support to handle long passwords in windows.
+* [knife-ec2:#488](https://github.com/chef/knife-ec2/pull/488) Added support to tag EBS volumes on node creation.
+* [knife-ec2:#487](https://github.com/chef/knife-ec2/pull/487) Added new column description in EC2 AMIs list.
+
 ## Latest Release 0.15.0 (2017-02-15)
 * [knife-ec2:#484](https://github.com/chef/knife-ec2/pull/484) sleep for collecting windows password
 * [knife-ec2:#481](https://github.com/chef/knife-ec2/pull/481) Updated readme for EC2 AMI list

data/README.md

@@ -208,6 +208,15 @@ View additional information on configuring Windows images for bootstrap in the d
 Users can also include the ec2 server id in the node name by placing `%s` in the string passed to the `--chef-node-name` option. The %s is replaced by the ec2 server id dynamically. 
 e.g. `-N "www-server-%s" or  --chef-node-name "www-server-%s"`
 
+#### Tagging node in Chef
+
+Users can use option `--tag-node-in-chef` for tagging node in EC2 and chef both with `knife ec2 server create` command. If user does not pass this option, then the node will be tagged only in EC2.
+
+#### Tagging EBS Volumes
+
+Users can attach ebs volumes to a new instance being created with knife-ec2 using `--volume-tags Tag=Value[,Tag=Value...]`.
+
+
 #### Bootstrap Windows (2012 R2 and above platform) instance without user-data through winrm ssl transport
 
 Users can bootstrap the Windows instance without the need to provide the user-data. `knife-ec2` has the ability to bootstrap the Windows instance through `winrm protocol` using the `ssl` transport. This requires users to set `--winrm-transport` option as `ssl` and `--winrm-ssl-verify-mode` option as `verify_none`. This will do the necessary winrm ssl transport configurations on the target node and the bootstrap will just work.
@@ -260,10 +269,21 @@ knife ec2 ami list
   ```
   :Allowed platform             windows, ubuntu, debian, centos, fedora, rhel, nginx, turnkey, jumpbox, coreos, cisco, amazon, nessus
   ```  
+- **Search:**
+  User can search any string into the description column by using -s or --search:
+
+  **command:** knife ec2 ami list -s (search_keyword)
+
+  ```
+  :search_keyword             Any String or number
+  ```  
 
 ### `knife ec2 server list`
 Outputs a list of all servers in the currently configured AWS account. **Note, this shows all instances associated with the account, some of which may not be currently managed by the Chef server.**
 
+### `knife ec2 flavor list`
+Outputs a list of all instance types comprising varying combinations of CPU, memory, storage, and architecture capacity of the currently configured AWS account. **Note, this shows all instances type associated with the account.**
+
 ### `knife ec2 server delete`
 Deletes an existing server in the currently configured AWS account. **By default, this does not delete the associated node and client objects from the Chef server. To do so, add the `--purge` flag**
 

data/RELEASE_NOTES.md

@@ -7,26 +7,30 @@ Example Note:
 Details about the thing that changed that needs to get included in the Release Notes in markdown.
 -->
 
-# knife-ec2 0.15.0 release notes:
-In this release we have added a command to list EC2 AMIs. Also added a feature to append server_id to the chef-node-name. There are a couple of bug fixes as well.
+# knife-ec2 0.16.0 release notes:
+In this release we have added features for tagging EBS volumes and tagging node in Chef. There are a couple of bug fixes and enhancement as well.
 
-## Features added in knife-ec2 0.15.0
+## Features added in knife-ec2 0.16.0
 
-* Added command to list EC2 AMIs using `knife ec2 ami list` PR: [482](https://github.com/chef/knife-ec2/pull/482)
+* Added support to tag node details to chef while node creation using `--tag-node-in-chef` PR: [492](https://github.com/chef/knife-ec2/pull/492).
 
-* Added support to insert ec2 server id into node name using -N "<Node Name>%s" PR: [471](https://github.com/chef/knife-ec2/pull/471)
+* Added support to tag EBS volumes while node creation using `--volume-tags Tag=Value[,Tag=Value...]` PR: [488](https://github.com/chef/knife-ec2/pull/488).
 
-* Changed source of vm name to allow for hosts without public ip addresses PR: [478](https://github.com/chef/knife-ec2/pull/478)
 
-* Automatically pass tags to Chef as well as EC2 PR: [476](https://github.com/chef/knife-ec2/pull/476)
+## Enhancement in knife-ec2 0.16.0
 
+* Update list of instance types that support ebs-encryption PR: [503](https://github.com/chef/knife-ec2/pull/503)
 
-## Fixed issue in knife-ec2 0.15.0
+* Enhanced Winrm cert to 10 year expiry PR: [496](https://github.com/chef/knife-ec2/pull/496).
 
-* Wait for Windows Admin password to be available PR: [484](https://github.com/chef/knife-ec2/pull/484), issue: [479](https://github.com/chef/knife-ec2/issues/479), issue: [453](https://github.com/chef/knife-ec2/issues/453)
+* Improper alignment of EC2 flavor list command `knife ec2 flavor list` PR: [490](https://github.com/chef/knife-ec2/pull/490)
 
-* Fix where `--yes` option was not being passed to bootstrap PR: [458](https://github.com/chef/knife-ec2/pull/458)
+* Added new column description in EC2 AMIs list command `knife ec2 ami list` PR: [487](https://github.com/chef/knife-ec2/pull/487)
 
-* In VPC mode use private IP when public IP and DNS are not available PR: [468](https://github.com/chef/knife-ec2/pull/468), issue: [344](https://github.com/chef/knife-ec2/issues/344)
+## Fixed issue in knife-ec2 0.16.0
 
-* Default value and description improved for `--ebs-volume-type` improved for clarity PR: [464](https://github.com/chef/knife-ec2/pull/464), issue: [450](https://github.com/chef/knife-ec2/issues/450), issue [451](https://github.com/chef/knife-ec2/issues/451)
+* Update bundler to resolve travis failure PR: [502](https://github.com/chef/knife-ec2/pull/502)
+
+* Fix issue Tag node in Chef PR: [492](https://github.com/chef/knife-ec2/pull/492) issue: [234](https://github.com/chef/knife-ec2/issues/234).
+
+* Added support to handle long passwords in windows PR: [489](https://github.com/chef/knife-ec2/pull/489) issue: [470](https://github.com/chef/knife-ec2/issues/470)

data/knife-ec2.gemspec

@@ -21,9 +21,9 @@ Gem::Specification.new do |s|
   s.add_dependency 'mime-types'
   s.add_dependency 'knife-windows', '~> 1.0'
 
-  s.add_development_dependency 'chef',  '~> 12.0', '>= 12.2.1'
+  s.add_development_dependency 'chef',  '>= 12.2.1'
   s.add_development_dependency 'rspec', '~> 3.0'
-  s.add_development_dependency 'rake',  '~> 11.0'
+  s.add_development_dependency 'rake'
   s.add_development_dependency 'sdoc',  '~> 0.3'
 
   s.require_paths = ['lib']

data/lib/chef/knife/ec2_ami_list.rb

@@ -46,13 +46,18 @@ class Chef
       option :platform,
         :short => "-p PLATFORM",
         :long => "--platform PLATFORM",
-        :description => "Platform of the server. Allowed values are ubuntu, debian, centos, fedora, rhel, nginx, turnkey, jumpbox, coreos, cisco, amazon, nessus"
+        :description => "Platform of the server. Allowed values are windows, ubuntu, debian, centos, fedora, rhel, nginx, turnkey, jumpbox, coreos, cisco, amazon, nessus"
 
-       option :owner,
+      option :owner,
         :short => "-o OWNER",
         :long => "--owner OWNER",
         :description => "The server owner (self, aws-marketplace, microsoft). Default is aws-marketplace"
 
+      option :search,
+        :short => "-s SEARCH",
+        :long => "--search SEARCH",
+        :description => "Filter AMIs list as per search keywords."
+
       def run
         $stdout.sync = true
 
@@ -64,7 +69,8 @@ class Chef
           ui.color("Platform", :bold),
           ui.color("Architecture", :bold),
           ui.color("Size", :bold),
-          ui.color("Name", :bold)
+          ui.color("Name", :bold),
+          ui.color("Description", :bold)
         ].flatten.compact
 
         output_column_count = server_list.length
@@ -74,28 +80,42 @@ class Chef
         rescue Exception => api_error
           raise api_error
         end
+
         servers.body["imagesSet"].each do |server|
-          server_name = server["name"]
-          server["platform"] = find_server_platform(server_name) unless server["platform"]
+          server["platform"] = find_server_platform(server["name"]) unless server["platform"]
 
-          if locate_config_value(:platform)
+          if (locate_config_value(:platform) && locate_config_value(:search))
+            locate_config_value(:search).downcase!
+            if (server["description"] && server["platform"] == locate_config_value(:platform) && server["description"].downcase.include?(locate_config_value(:search)))
+              server_list += get_server_list(server)
+            end
+          elsif locate_config_value(:platform)
             if server["platform"] == locate_config_value(:platform)
-              server_list << server["imageId"]
-              server_list << server["platform"]
-              server_list << server["architecture"]
-              server_list << server["blockDeviceMapping"].first["volumeSize"].to_s
-              server_list << server_name.split(/\W+/).first
+              server_list += get_server_list(server)
+            end
+          elsif locate_config_value(:search)
+            locate_config_value(:search).downcase!
+            if (server["description"] && server["description"].downcase.include?(locate_config_value(:search)))
+              server_list += get_server_list(server)
             end
           else
-            server_list << server["imageId"]
-            server_list << server["platform"]
-            server_list << server["architecture"]
-            server_list << server["blockDeviceMapping"].first["volumeSize"].to_s
-            server_list << server_name.split(/\W+/).first
+            server_list += get_server_list(server)
           end
         end
         puts ui.list(server_list, :uneven_columns_across, output_column_count)
       end
+
+    private
+
+      def get_server_list(server)
+        server_list = []
+        server_list << server["imageId"]
+        server_list << server["platform"]
+        server_list << server["architecture"]
+        server_list << server["blockDeviceMapping"].first["volumeSize"].to_s
+        server_list << server["name"].split(/\W+/).first
+        server_list << server["description"]
+      end
     end
   end
 end

data/lib/chef/knife/ec2_base.rb

@@ -222,13 +222,12 @@ class Chef
 
     # All valid platforms
     def valid_platforms
-      ["ubuntu", "debian", "centos", "fedora", "rhel", "nginx", "turnkey", "jumpbox", "coreos", "cisco", "amazon", "nessus"]
+      ["windows", "ubuntu", "debian", "centos", "fedora", "rhel", "nginx", "turnkey", "jumpbox", "coreos", "cisco", "amazon", "nessus"]
     end
 
     # Get the platform from server name
     def find_server_platform(server_name)
-      available_platforms = valid_platforms
-      get_platform = available_platforms.select { |name| server_name.downcase.include?(name) }
+      get_platform = valid_platforms.select { |name| server_name.downcase.include?(name) }
       return get_platform.first
     end
 

data/lib/chef/knife/ec2_flavor_list.rb

@@ -29,6 +29,7 @@ class Chef
       def run
 
         validate!
+        custom_warnings!
 
         flavor_list = [
           ui.color('ID', :bold),
@@ -37,8 +38,16 @@ class Chef
           ui.color('RAM', :bold),
           ui.color('Disk', :bold),
           ui.color('Cores', :bold)
-        ]
-        flavors = connection.flavors.sort_by(&:id)
+        ].flatten.compact
+
+        output_column_count = flavor_list.length
+
+        begin
+          flavors = connection.flavors.sort_by(&:id)
+        rescue Exception => api_error
+          raise api_error
+        end
+
         if (config[:format] == 'summary')
           flavors.each do |flavor|
             flavor_list << flavor.id.to_s
@@ -48,10 +57,10 @@ class Chef
             flavor_list << "#{flavor.disk.to_s} GB"
             flavor_list << flavor.cores.to_s
           end
-          puts ui.list(flavor_list, :columns_across, 6)
-	else
+          puts ui.list(flavor_list, :uneven_columns_across, output_column_count)
+        else
           output(format_for_display(flavors))
-	end
+        end
       end
     end
   end

data/lib/chef/knife/ec2_server_create.rb

@@ -442,6 +442,17 @@ class Chef
         :boolean => true,
         :default => false
 
+      option :volume_tags,
+        :long => "--volume-tags Tag=Value[,Tag=Value...]",
+        :description => "Tag the Root volume",
+        :proc => Proc.new { |volume_tags| volume_tags.split(',') }
+
+      option :tag_node_in_chef,
+        :long => "--tag-node-in-chef",
+        :description => "Flag for tagging node in ec2 and chef both",
+        :boolean => true,
+        :default => false
+
       def run
         $stdout.sync = true
         validate!
@@ -489,6 +500,7 @@ class Chef
           begin
             @server = connection.servers.create(create_server_def)
           rescue => error
+            error.message.sub("download completed, but downloaded file not found", "Verify that you have public internet access.")
             ui.error error.message
             Chef::Log.debug("#{error.backtrace.join("\n")}")
             exit
@@ -509,6 +521,11 @@ class Chef
 
         printed_tags = hashed_tags.map{ |tag, val| "#{tag}: #{val}" }.join(", ")
 
+        hashed_volume_tags={}
+        volume_tags = locate_config_value(:volume_tags)
+        volume_tags.map{ |t| key,val=t.split('='); hashed_volume_tags[key]=val} unless volume_tags.nil?
+        printed_volume_tags = hashed_volume_tags.map{ |tag, val| "#{tag}: #{val}" }.join(", ")
+
         msg_pair("Instance ID", @server.id)
         msg_pair("Flavor", @server.flavor_id)
         msg_pair("Image", @server.image_id)
@@ -530,6 +547,7 @@ class Chef
         msg_pair("IAM Profile", locate_config_value(:iam_instance_profile))
 
         msg_pair("Tags", printed_tags)
+        msg_pair("Volume Tags", printed_volume_tags)
         msg_pair("SSH Key", @server.key_name)
 
         print "\n#{ui.color("Waiting for EC2 to create the instance", :magenta)}"
@@ -543,6 +561,7 @@ class Chef
         tries = 6
         begin
           create_tags(hashed_tags) unless hashed_tags.empty?
+          create_volume_tags(hashed_volume_tags) unless hashed_volume_tags.empty?
           associate_eip(elastic_ip) if config[:associate_eip]
           enable_classic_link(config[:classic_link_vpc_id], config[:classic_link_vpc_security_group_ids]) if config[:classic_link_vpc_id]
         rescue Fog::Compute::AWS::NotFound, Fog::Errors::Error
@@ -616,6 +635,7 @@ class Chef
         msg_pair("Tags", printed_tags)
         msg_pair("SSH Key", @server.key_name)
         msg_pair("Root Device Type", @server.root_device_type)
+        msg_pair("Root Volume Tags", printed_volume_tags)
         if @server.root_device_type == "ebs"
           device_map = @server.block_device_mapping.first
           msg_pair("Root Volume ID", device_map['volumeId'])
@@ -785,7 +805,8 @@ class Chef
         bootstrap.config[:msi_url] = locate_config_value(:msi_url)
         bootstrap.config[:install_as_service] = locate_config_value(:install_as_service)
         bootstrap.config[:session_timeout] = locate_config_value(:session_timeout)
-        bootstrap.config[:tags] = config[:tags]
+        bootstrap.config[:tags] = config[:tags] if locate_config_value(:tag_node_in_chef)
+
         if locate_config_value(:chef_node_name)
           bootstrap.config[:chef_node_name] = evaluate_node_name(locate_config_value(:chef_node_name))
         else
@@ -802,7 +823,8 @@ class Chef
         bootstrap.config[:ssh_port] = config[:ssh_port]
         bootstrap.config[:ssh_gateway] = config[:ssh_gateway]
         bootstrap.config[:identity_file] = config[:identity_file]
-        bootstrap.config[:tags] = config[:tags]
+        bootstrap.config[:tags] = config[:tags] if locate_config_value(:tag_node_in_chef)
+
         if locate_config_value(:chef_node_name)
           bootstrap.config[:chef_node_name] = evaluate_node_name(locate_config_value(:chef_node_name))
         else
@@ -914,11 +936,14 @@ class Chef
             ui.error("--ebs-encrypted option requires valid flavor to be specified.")
             exit 1
           elsif (locate_config_value(:ebs_encrypted) and ! %w(m3.medium  m3.large  m3.xlarge m3.2xlarge m4.large m4.xlarge
-                                             m4.2xlarge m4.4xlarge m4.10xlarge t2.micro t2.small t2.medium t2.large
-                                             d2.xlarge  d2.2xlarge d2.4xlarge d2.8xlarge c4.large c4.xlarge
-                                             c4.2xlarge c4.4xlarge c4.8xlarge c3.large c3.xlarge c3.2xlarge
-                                             c3.4xlarge c3.8xlarge cr1.8xlarge r3.large r3.xlarge r3.2xlarge
-                                             r3.4xlarge r3.8xlarge i2.xlarge i2.2xlarge i2.4xlarge i2.8xlarge g2.2xlarge g2.8xlarge).include?(locate_config_value(:flavor)))
+                                             m4.2xlarge m4.4xlarge m4.10xlarge m4.16xlarge t2.nano t2.micro t2.small
+                                             t2.medium t2.large t2.xlarge t2.2xlarge d2.xlarge  d2.2xlarge d2.4xlarge
+                                             d2.8xlarge c4.large c4.xlarge c4.2xlarge c4.4xlarge c4.8xlarge c3.large
+                                             c3.xlarge c3.2xlarge c3.4xlarge c3.8xlarge cr1.8xlarge r3.large r3.xlarge
+                                             r3.2xlarge r3.4xlarge r3.8xlarge r4.large r4.xlarge r4.2xlarge r4.4xlarge
+                                             r4.8xlarge r4.16xlarge x1.16xlarge x1.32xlarge i2.xlarge i2.2xlarge i2.4xlarge
+                                             i2.8xlarge i3.large i3.xlarge i3.2xlarge i3.4xlarge i3.8xlarge i3.16xlarge
+                                             f1.2xlarge f1.16xlarge g2.2xlarge g2.8xlarge p2.xlarge p2.8xlarge p2.16xlarge).include?(locate_config_value(:flavor)))
             ui.error("--ebs-encrypted option is not supported for #{locate_config_value(:flavor)} flavor.")
             exit 1
           end
@@ -950,6 +975,24 @@ class Chef
           exit 1
         end
 
+        volume_tags = locate_config_value(:volume_tags)
+        if !volume_tags.nil? and volume_tags.length != volume_tags.to_s.count('=')
+          ui.error("Volume Tags should be entered in a key = value pair")
+          exit 1
+        end
+
+        if (locate_config_value(:winrm_password).to_s.length > 14 )
+          ui.warn("The password provided is longer than 14 characters. Computers with Windows prior to Windows 2000 will not be able to use this account. Do you want to continue this operation? (Y/N):")
+          password_promt = STDIN.gets.chomp.upcase
+          if (password_promt == "N")
+           raise "Exiting as operation with password greater than 14 characters not accepted"
+          elsif (password_promt == "Y")
+           @allow_long_password = "/yes"
+          else
+           raise "The input provided is incorrect."
+          end
+        end
+
       end
 
       def tags
@@ -974,7 +1017,7 @@ class Chef
       winrm_user = locate_config_value(:winrm_user).split("\\")
       if (winrm_user[0] == ".") || (winrm_user[0] == "") ||(winrm_user.length == 1)
         user_related_commands = <<-EOH
-net user /add #{locate_config_value(:winrm_user).delete('.\\')} #{windows_password};
+net user /add #{locate_config_value(:winrm_user).delete('.\\')} #{windows_password} #{@allow_long_password};
 net localgroup Administrators /add #{locate_config_value(:winrm_user).delete('.\\')};
         EOH
       end
@@ -990,13 +1033,39 @@ $vm_name = invoke-restmethod -uri http://169.254.169.254/latest/meta-data/public
 If (-Not $vm_name) {
   $vm_name = invoke-restmethod -uri http://169.254.169.254/latest/meta-data/local-ipv4
 }
-New-SelfSignedCertificate -certstorelocation cert:\\localmachine\\my -dnsname $vm_name
+
+$name = new-object -com "X509Enrollment.CX500DistinguishedName.1"
+$name.Encode("CN=$vm_name", 0)
+$key = new-object -com "X509Enrollment.CX509PrivateKey.1"
+$key.ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
+$key.KeySpec = 1
+$key.Length = 2048
+$key.SecurityDescriptor = "D:PAI(A;;0xd01f01ff;;;SY)(A;;0xd01f01ff;;;BA)(A;;0x80120089;;;NS)"
+$key.MachineContext = 1
+$key.Create()
+$serverauthoid = new-object -com "X509Enrollment.CObjectId.1"
+$serverauthoid.InitializeFromValue("1.3.6.1.5.5.7.3.1")
+$ekuoids = new-object -com "X509Enrollment.CObjectIds.1"
+$ekuoids.add($serverauthoid)
+$ekuext = new-object -com "X509Enrollment.CX509ExtensionEnhancedKeyUsage.1"
+$ekuext.InitializeEncode($ekuoids)
+$cert = new-object -com "X509Enrollment.CX509CertificateRequestCertificate.1"
+$cert.InitializeFromPrivateKey(2, $key, "")
+$cert.Subject = $name
+$cert.Issuer = $cert.Subject
+$cert.NotBefore = get-date
+$cert.NotAfter = $cert.NotBefore.AddYears(10)
+$cert.X509Extensions.Add($ekuext)
+$cert.Encode()
+$enrollment = new-object -com "X509Enrollment.CX509Enrollment.1"
+$enrollment.InitializeFromRequest($cert)
+$certdata = $enrollment.CreateRequest(0)
+$enrollment.InstallResponse(2, $certdata, 0, "")
+
 $thumbprint = (Get-ChildItem -Path cert:\\localmachine\\my | Where-Object {$_.Subject -match "$vm_name"}).Thumbprint;
 $create_listener_cmd = "winrm create winrm/config/Listener?Address=*+Transport=HTTPS '@{Hostname=`"$vm_name`";CertificateThumbprint=`"$thumbprint`"}'"
 iex $create_listener_cmd
-
 netsh advfirewall firewall add rule name="WinRM HTTPS" protocol=TCP dir=in Localport=5986 remoteport=any action=allow localip=any remoteip=any profile=any enable=yes
-
 EOH
       end
 
@@ -1444,6 +1513,12 @@ EOH
         return node_name%server.id
       end
 
+      def create_volume_tags(hashed_volume_tags)
+        hashed_volume_tags.each_pair do |key,val|
+          connection.tags.create :key => key, :value => val, :resource_id => @server.block_device_mapping.first['volumeId']
+        end
+      end
+
     end
   end
 end