Packer build also installs amazon-ssm-agent?

Hello community!

I have troubles getting some finding answers regarding a question.
I’m building from a rhel8 variant using this flow:

qemu-img convert qcow2 to ova → packer build ova to AMI

If I provision an EC2 instance from the AMI image I find this in the dnf.log

2024-04-02T16:59:32-0400 DDEBUG timer: config: 209 ms
2024-04-02T16:59:32-0400 DEBUG Loaded plugins: builddep, changelog, config-manager, copr, debug, debuginfo-install, download, generate_completion_cache, groups-manager, kpatch, needs-restarting, playground, repoclosure, repodiff, repograph, repomanage, reposync, system-upgrade
2024-04-02T16:59:32-0400 DEBUG YUM version: 4.7.0
2024-04-02T16:59:32-0400 DDEBUG Command: yum install -y -C --disablerepo=* /etc/linux_amd64-amazon-ssm-agent.rpm 
2024-04-02T16:59:32-0400 DDEBUG Installroot: /
2024-04-02T16:59:32-0400 DDEBUG Releasever: 8
2024-04-02T16:59:32-0400 DEBUG cachedir: /var/cache/dnf
2024-04-02T16:59:32-0400 DDEBUG Base command: install
2024-04-02T16:59:32-0400 DDEBUG Extra commands: ['install', '-y', '-C', '--disablerepo=*', '/etc/linux_amd64-amazon-ssm-agent.rpm']
2024-04-02T16:59:32-0400 DEBUG User-Agent: constructed: 'libdnf (AlmaLinux 8.9; generic; Linux.x86_64)'
2024-04-02T16:59:40-0400 DDEBUG timer: sack setup: 7835 ms
2024-04-02T16:59:40-0400 DEBUG Completion plugin: Generating completion cache...
2024-04-02T16:59:40-0400 DEBUG --> Starting dependency resolution
2024-04-02T16:59:40-0400 DEBUG ---> Package amazon-ssm-agent.x86_64 will be installed
2024-04-02T16:59:40-0400 DEBUG --> Finished dependency resolution
2024-04-02T16:59:40-0400 DDEBUG timer: depsolve: 216 ms
2024-04-02T16:59:40-0400 INFO Dependencies resolved.
2024-04-02T16:59:40-0400 INFO ================================================================================
 Package                Architecture Version           Repository          Size
 amazon-ssm-agent       x86_64       @commandline        26 M

Transaction Summary
Install  1 Package

Is this from packer or from aws? If amazon-ssm-agent is mandatory I would prefer to prepare the image beforehand.


Hi @ihatethecloud,

I presume you’re using the amazon-import post-processor? If so we don’t provision anything during this step, there’s no running instance that Packer created, we only call the ImportImage API endpoint with the image you provide, which was first pushed to S3 for the import to succeed.

I don’t have visilibity in what AWS does when running an import-image, but I think it’s safe to assume they’re the ones doing those actions to install some extra packages on the image that are useful in their context.