• Infrastructure
    • terraform
    • packer
  • Networking
    • consul
  • Security
    • vault
    • boundary
  • Applications
    • nomad
    • waypoint
    • vagrant
  • HashiCorp Cloud Platform

    A fully managed platform to automate infrastructure on any cloud with HashiCorp products.

    • consul
    • terraform
    • vault
    • packerbeta
    Visit cloud.hashicorp.com
  • Overview
  • Tutorials
  • Docs
  • Plugins
  • Community
GitHubInstall PackerTry HCP Packer
    • v1.8.x (latest)
    • v1.7.x
    • v1.6.x
    • v1.5.x

  • Terminology
    • Overview
    • init
      • Overview
      • install
      • installed
      • remove
      • required
    • build
    • console
    • fix
    • fmt
    • inspect
    • validate
    • hcl2_upgrade
    • Overview
      • Overview
        • Overview
          • Overview
          • hcp_packer_registry
          • source
          • provisioner
          • post-processor
          • post-processors
        • locals
        • source
        • variable
        • packer
        • data
        • Overview
          • aws_secretsmanager
          • consul
          • env
          • vault
          • abs
          • ceil
          • floor
          • log
          • max
          • min
          • parseint
          • pow
          • signum
          • chomp
          • format
          • formatlist
          • indent
          • join
          • lower
          • replace
          • regex_replace
          • regex
          • regexall
          • split
          • strrev
          • substr
          • title
          • trim
          • trimprefix
          • trimsuffix
          • trimspace
          • upper
          • chunklist
          • coalesce
          • coalescelist
          • compact
          • concat
          • contains
          • distinct
          • element
          • flatten
          • index
          • keys
          • length
          • lookup
          • merge
          • range
          • reverse
          • setintersection
          • setproduct
          • setunion
          • slice
          • sort
          • values
          • zipmap
          • base64decode
          • base64encode
          • csvdecode
          • jsondecode
          • jsonencode
          • urlencode
          • yamldecode
          • yamlencode
          • abspath
          • basename
          • dirname
          • file
          • fileexists
          • fileset
          • pathexpand
          • templatefile
          • formatdate
          • timeadd
          • timestamp
          • legacy_isotime
          • legacy_strftime
          • bcrypt
          • md5
          • rsadecrypt
          • sha1
          • sha256
          • sha512
          • uuidv4
          • uuidv5
          • cidrhost
          • cidrnetmask
          • cidrsubnet
          • cidrsubnets
          • can
          • convert
          • try
      • Variables
      • Locals
      • Contextual Variables
      • Data Sources
      • Path Variables
      • Syntax
      • Only Except
      • Expressions
      • JSON Syntax
      • Overview
      • Builders
      • Communicators
      • Engine
      • Post-Processors
      • Provisioners
      • User Variables

    • Overview
    • SSH
    • WINRM
    • Overview
    • File
    • Null
    • Custom
    • Community-Supported
    • Overview
      • Overview
      • Iteration
      • Image
      • Image-Deprecated
    • Http
    • Overview
    • Breakpoint
    • File
    • PowerShell
    • Shell
    • Shell (Local)
    • Windows Shell
    • Windows Restart
    • Custom
    • Community-Supported
    • Overview
    • Artifice
    • Compress
    • Checksum
    • Manifest
    • Shell (Local)
    • Community-Supported
  • External Plugins

  • Installing Packer
  • Configuring Packer

    • Overview
      • Overview
      • Custom Builders
      • Custom Post-Processors
      • Custom Provisioners
      • Custom Data Sources
    • HCP Packer Support
  • Integration Program

  • Debugging
  • HCP Packer
Type '/' to Search

»Built-in Blocks

Note: This page is about HCL2 Packer templates. HCL2 templates were first introduced as a beta feature into Packer version 1.5. As of v1.7, HCL2 support is no longer in beta, and is the preferred way to write Packer configuration. For the old-style stable configuration language see template docs. As of v1.6.2, you can convert your legacy JSON template into an HCL2 config file using the hcl2_upgrade command.

The Packer - HCL2 language includes a number of built-in blocks that you can use to configure builds. A block is a container for configuration.

The most important blocks can be broken into a couple of major types:

  • build blocks contain configuration for a specific combination of builders, provisioners, and post-processors used to create a specific image artifact.
  • source blocks contain configuration for builder plugins. Once defined, sources can be used and further configured by the "build" block.
  • provisioner blocks contain configuration for provisioner plugins. These blocks are nested inside of a build block.
  • post-processor and post-processors blocks contain configuration for post-processor plugins and post-processor plugin sequences. They are also nested within build blocks.
  • variable blocks contain configuration for variables that can either be defaulted in configuration or set by the user at runtime.
  • locals blocks contain configuration for variables that can be created using HCL functions or data sources, or composited from variables created in the variables blocks.

Use the sidebar to navigate to detailed documentation for each of these blocks.

Other blocks, such as the "packer" block, provide information to the Packer core about what version it is allowed to run. The "required_plugins" block helps the Packer core

Blocks can be defined in multiple files and packer build folder will build using solely the files from a directory named folder.

Packer does not support user-defined blocks and so only the blocks built in to the language are available for use. The navigation for this section includes a list of all of the available built-in HCL2 blocks.

»Config example:

# variables.pkr.hcl
variable "foo" {
    type        = string
    default     = "the default value of the `foo` variable"
    description = "description of the `foo` variable"
    sensitive   = false
    # When a variable is sensitive all string-values from that variable will be
    # obfuscated from Packer's output.
}
# variables.pkr.hcl
variable "foo" {
    type        = string
    default     = "the default value of the `foo` variable"
    description = "description of the `foo` variable"
    sensitive   = false
    # When a variable is sensitive all string-values from that variable will be
    # obfuscated from Packer's output.
}
  • Variable block documentation.
# locals.pkr.hcl
locals {
    # locals can be bare values like:
    wee = local.baz
    # locals can also be set with other variables :
    baz = "Foo is '${var.foo}' but not '${local.wee}'"
}

# Use the singular local block if you need to mark a local as sensitive
local "mylocal" {
  expression = "${var.secret_api_key}"
  sensitive  = true
}
# locals.pkr.hcl
locals {
    # locals can be bare values like:
    wee = local.baz
    # locals can also be set with other variables :
    baz = "Foo is '${var.foo}' but not '${local.wee}'"
}

# Use the singular local block if you need to mark a local as sensitive
local "mylocal" {
  expression = "${var.secret_api_key}"
  sensitive  = true
}
  • Locals block documentation.
# sources.pkr.hcl
source "happycloud" "foo" {
    // ...
}
# sources.pkr.hcl
source "happycloud" "foo" {
    // ...
}
  • source block documentation.
# build.pkr.hcl
build {
    # use the `name` field to name a build in the logs.
    # For example this present config will display
    # "buildname.amazon-ebs.example-1" and "buildname.amazon-ebs.example-2"
    name = "buildname"

    sources = [
        # use the optional plural `sources` list to simply use a `source`
        # without changing any field.
        "source.amazon-ebs.example-1",
    ]

    source "source.amazon-ebs.example-2" {
        # Use the singular `source` block set specific fields.
        # Note that fields cannot be overwritten, in other words, you cannot
        # set the 'output' field from the top-level source block and here.
        output = "different value"
        name = "differentname"
    }

    provisioner "shell" {
        scripts = fileset(".", "scripts/{install,secure}.sh")
    }

    post-processor "shell-local" {
        inline = ["echo Hello World from ${source.type}.${source.name}"]
    }
}
# build.pkr.hcl
build {
    # use the `name` field to name a build in the logs.
    # For example this present config will display
    # "buildname.amazon-ebs.example-1" and "buildname.amazon-ebs.example-2"
    name = "buildname"

    sources = [
        # use the optional plural `sources` list to simply use a `source`
        # without changing any field.
        "source.amazon-ebs.example-1",
    ]

    source "source.amazon-ebs.example-2" {
        # Use the singular `source` block set specific fields.
        # Note that fields cannot be overwritten, in other words, you cannot
        # set the 'output' field from the top-level source block and here.
        output = "different value"
        name = "differentname"
    }

    provisioner "shell" {
        scripts = fileset(".", "scripts/{install,secure}.sh")
    }

    post-processor "shell-local" {
        inline = ["echo Hello World from ${source.type}.${source.name}"]
    }
}
  • build block documentation.
# datasource.pkr.hcl
data "amazon-ami" "basic-example" {
  // ...
}
# datasource.pkr.hcl
data "amazon-ami" "basic-example" {
  // ...
}
  • data block documentation.
github logoEdit this page
IntroGuidesDocsCommunityPrivacySecurityPress KitConsent Manager