How to use AWS roles with Packer to create AMIs

Question:

I’m currently building AMIs via Packer without a problem, but I am baking the AWS credentials into my scripts which is not what I want. Reading the Packer documentation they specify that if no credentials are found it can use an AWS role.

I have created the policy and the role, but it’s unclear to me how to tell Packer to use this role. Do I have to pass the ARN in as a variable?

Any thoughts?

Answer:

If you’d like to set the IAM role that Packer uses during AMI creation from the command-line (e.g. from Jenkins), then you can use variables for doing so, e.g. using the following in your Packer script:

So we provide a default “packer” value for our packer_profile variable. Then, when invoking Packer from the command-line in Jenkins, you override that default variable value using:

Hope this helps!
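An added example, not the answerer's original code: one way the `packer_profile` variable described above could be wired up, assuming it feeds the `amazon-ebs` builder's `iam_instance_profile` setting. It is written as a Packer HCL2 template; the region, source AMI, instance type, SSH user and AMI name are constructed placeholders.

```hcl
# Added example. Every value except the "packer_profile" variable and its
# default "packer" is a placeholder that must be replaced.

packer {
  required_plugins {
    amazon = {
      source  = "github.com/hashicorp/amazon"
      version = ">= 1.0.0"
    }
  }
}

# Default profile name; override it per build from the command line:
#   packer build -var 'packer_profile=<instance-profile-name>' .
variable "packer_profile" {
  type    = string
  default = "packer"
}

source "amazon-ebs" "example" {
  # No access_key / secret_key here. With none in the template, Packer uses
  # the AWS SDK default credential chain: environment variables, the shared
  # credentials file, then the role attached to the host running Packer
  # (for example the Jenkins agent's instance profile).
  region        = "us-east-1"              # placeholder
  source_ami    = "ami-REPLACE_ME"         # placeholder, not a real AMI ID
  instance_type = "t3.micro"               # placeholder
  ssh_username  = "ec2-user"               # placeholder
  ami_name      = "example-${formatdate("YYYYMMDDhhmmss", timestamp())}"

  # Instance profile attached to the temporary build instance, so
  # provisioners running on it can call AWS without stored keys.
  iam_instance_profile = var.packer_profile
}

build {
  sources = ["source.amazon-ebs.example"]
}
```

`iam_instance_profile` only sets the role of the temporary build instance. The identity that launches the instance and registers the AMI is whatever the credential chain resolves to on the machine running Packer, and that identity needs `iam:PassRole` on the profile's role.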
