Bookend a Packer AWS AMI image

We have a Windows 2022 base image. The packer script to make this image is divided into two parts, a pre part and a post part. The reason we have a post part is some of the tools we install will register on the start of their service (such as crowdstrike) with a Unique ID. What this means is if we use this image as a base image to build additional images from they all share the same Unique Ids which isn’t correct.

This leads us into a situation where when we want to use the base image, we copy the base script (windows_2022_base_ami.pkr.hcl) and insert the customisation code in the middle to create a new script (windows_2022_web_ami.pkr.hcl):

  • base pre scripts from windows_2022_base_ami.pkr.hcl
  • custom code
  • base post scripts from windows_2022_base_ami.pkr.hcl

However this leads to an ugly situation where when the base scripts (windows_2022_base_ami.pkr.hcl) need to get updated, they have to be updated it in all locations that have now made a customisation (windows_2022_web_ami.pkr.hcl).

Is there any way to split a hcl into two part a pre part and a post part, something like:

*base-pre.hcl *custom hcl markup *base-post.hcl

to form a new hcl like windows_2022_somecustom_ami.pkr.hcl


FWIW, a simple solution is to use an external script for a provisioner and have packer call it as part of its run. Multiple packer files can run same scripts.

We usually separate our build into 3 parts, pre-provisioning (sets up basic sanity/prereqs stuff in the machine), provisioning - part that is responsible for all the installation and configuration - and an image prep script that cleans up, deletes all generated keys and ids, removes/zeros out any empty space, etc. There is no reason multiple builds cannot share same components

I agree that can simplify things, but parts of the HCL file aren’t script provisioners, such as


I’d like to be able to have all of these in a post hcl file.