Build section
(Required) Specifies the configuration in which the image will be built.
Build: Imds: ImdsSupport:stringInstanceType:stringSubnetId:stringParentImage:stringIam: InstanceRole:stringInstanceProfile:stringCleanupLambdaRole:stringAdditionalIamPolicies: - Policy:stringPermissionsBoundary:stringComponents: - Type:stringValue:stringTags: - Key:stringValue:stringSecurityGroupIds: -stringUpdateOsPackages: Enabled:boolean
Build properties
InstanceType(Required,String)-
Specifies the instance type for the instance used to build the image.
SubnetId(Optional,String)-
Specifies the ID of an existing subnet in which to provision the instance to build the image. The provided subnet requires internet access.
Warning
pcluster build-imageuses the default VPC. If the default VPC has been deleted, perhaps by using AWS Control Tower or AWS Landing Zone, then the subnet ID must be specified. ParentImage(Required,String)-
Specifies the base image. The parent image can be either a non AWS ParallelCluster AMI or an official AWS ParallelCluster AMI for the same version. You can't use a AWS ParallelCluster official or custom AMI from a different version of AWS ParallelCluster. The format must either be the ARN of a image
arn:or an AMI IDPartition:imagebuilder:Region:Account:image/ImageName/ImageVersionami-12345678. SecurityGroupIds(Optional,[String])-
Specifies the list of security group IDs for the image.
Imds
Imds properties
(Optional) Specifies the Amazon EC2 ImageBuilder build and test instance metadata service (IMDS) settings.
Imds: ImdsSupport:string
ImdsSupport(Optional,String)-
Specifies which IMDS versions are supported in the Amazon EC2 ImageBuilder build and test instances. Supported values are
v2.0andv1.0. The default value isv2.0.If
ImdsSupportis set tov1.0, both IMDSv1 and IMDSv2 are supported.If
ImdsSupportis set tov2.0, only IMDSv2 is supported.For more information, see Use IMDSv2 in the Amazon EC2 User Guide for Linux instances.
Update policy: If this setting is changed, the update is not allowed.
Note
Starting with AWS ParallelCluster version 3.7.0, the
ImdsSupportdefault value isv2.0. We recommend that you setImdsSupporttov2.0and replace IMDSv1 with IMDSv2 in your custom actions calls.Support for Imds / ImdsSupport is added with AWS ParallelCluster version 3.3.0.
Iam
Iam properties
(Optional) Specifies the IAM resources for the image build.
Iam: InstanceRole:stringInstanceProfile:stringCleanupLambdaRole:stringAdditionalIamPolicies: - Policy:stringPermissionsBoundary:string
InstanceProfile(Optional,String)-
Specifies an instance profile to override the default instance profile for the EC2 Image Builder instance.
InstanceProfileandInstanceRoleandAdditionalIamPoliciescannot be specified together. The format isarn:.Partition:iam::Account:instance-profile/InstanceProfileName InstanceRole(Optional,String)-
Specifies an instance role to override the default instance role for the EC2 Image Builder instance.
InstanceProfileandInstanceRoleandAdditionalIamPoliciescannot be specified together. The format isarn:.Partition:iam::Account:role/RoleName CleanupLambdaRole(Optional,String)-
The ARN of the IAM role to use for the AWS Lambda function backing the AWS CloudFormation custom resource that removes build artifacts on build completion. Lambda needs to be configured as the principal allowed to assume the role. The format is
arn:.Partition:iam::Account:role/RoleName AdditionalIamPolicies(Optional)-
Specifies additional IAM policies to attach to the EC2 Image Builder instance used to produce the custom AMI.
AdditionalIamPolicies: - Policy:stringPolicy(Optional,[String])-
List of IAM policies. The format is
arn:.Partition:iam::Account:policy/PolicyName
PermissionsBoundary(Optional,String)-
The ARN of the IAM policy to use as permissions boundary for all roles created by AWS ParallelCluster. For more information on IAM permissions boundaries please refer to Permissions boundaries for IAM entities in the IAM User Guide. The format is
arn:.Partition:iam::Account:policy/PolicyName
Components
Components properties
(Optional) Specifies Amazon EC2 ImageBuilder components to use during the AMI build process in addition to the ones provided by default by AWS ParallelCluster. Such components can be used to customize the AMI build process. For more information, see AWS ParallelCluster AMI customization.
Components: - Type:stringValue:string
Type(Optional,String)-
Specifies the type of the type-value pair for the component. Type can be
arnorscript. Value(Optional,String)-
Specifies the value of the type-value pair for the component. When type is
arn, this is the ARN of a EC2 Image Builder component. When type isscript, this is the https or s3 link pointing to the script to use when creating the EC2 Image Builder component.
Tags
Tags properties
(Optional) Specifies the list of tags to be set in the resources used to build the AMI.
Tags: - Key:stringValue:string
Key(Optional,String)-
Defines the name of the tag.
Value(Optional,String)-
Defines the value of the tag.
UpdateOsPackages
UpdateOsPackages properties
(Optional) Specifies whether the operating system is updated before installing AWS ParallelCluster software stack.
UpdateOsPackages: Enabled:boolean
Enabled(Optional,Boolean)-
If
true, the OS is updated and rebooted before installing the AWS ParallelCluster software. The default isfalse.Note
When
UpdateOsPackagesis enabled, all available OS packages are updated, including the kernel. As a customer, you are responsible for verifying that the update is compatible with the AMI dependencies that aren't included in the update.For example, suppose you're building an AMI for AWS ParallelCluster version X.0 that's shipped with kernel version Y.0 and some component version Z.0. Suppose the available update includes updated kernel version Y.1 without updates to component Z.0. Before you enable
UpdateOsPackages, it's your responsibility to verify that component Z.0 supports kernel Y.1.
