»Yandex Compute Builder

Type: yandex Artifact BuilderId:

The yandex Packer builder is able to create images for use with Yandex Compute Cloud based on existing images.


Builder can authenticate with Yandex.Cloud using one of the following methods:

  • OAuth token
  • IAM token
  • File with Service Account Key
  • Service Account assigned to Compute Instance

»Authentication Using Token

To authenticate with an OAuth token or IAM token only token config key is needed. Or use the YC_TOKEN environment variable with proper value. Token you could get here. Check documentation about how to create IAM token.

»Authentication Using Service Account Key File

To authenticate with a service account credential, only service_account_key_file is needed. Or use the YC_SERVICE_ACCOUNT_KEY_FILE environment variable. The parameter expects a value path to the service account file in json format. Check documentation about how to create SA and its key.

»Authentication Using a Compute Instance Service Account

Authentication with a Service Account on an instance happens when neither the token nor the service_account_key_file parameter is set. To get more information about this kind of authentication check documentaion.

»Basic Example

  "type": "yandex",
  "token": "YOUR OAUTH TOKEN",
  "folder_id": "YOUR FOLDER ID",
  "source_image_family": "ubuntu-1804-lts",
  "ssh_username": "ubuntu",
  "use_ipv4_nat": "true"
{  "type": "yandex",  "token": "YOUR OAUTH TOKEN",  "folder_id": "YOUR FOLDER ID",  "source_image_family": "ubuntu-1804-lts",  "ssh_username": "ubuntu",  "use_ipv4_nat": "true"}

»Configuration Reference

Configuration options are organized below into two categories: required and optional. Within each category, the available options are alphabetized and described.

In addition to the options listed here, a communicator can be configured for this builder. In addition to the options defined there, a private key file can also be supplied to override the typical auto-generated key:

  • ssh_private_key_file (string) - Path to a PEM encoded private key file to use to authenticate with SSH. The ~ can be used in path and will be expanded to the home directory of current user.



  • token (string) - OAuth token or IAM token to use to authenticate to Yandex.Cloud. Alternatively you may set value by environment variable YC_TOKEN.


  • source_image_family (string) - The source image family to create the new image from. You can also specify source_image_id instead. Just one of a source_image_id or source_image_family must be specified. Example: ubuntu-1804-lts.


  • folder_id (string) - The folder ID that will be used to launch instances and store images. Alternatively you may set value by environment variable YC_FOLDER_ID. To use a different folder for looking up the source image or saving the target image to check options 'source_image_folder_id' and 'target_image_folder_id'.



  • endpoint (string) - Non standard API endpoint. Default is

  • service_account_key_file (string) - Path to file with Service Account key in json format. This is an alternative method to authenticate to Yandex.Cloud. Alternatively you may set environment variable YC_SERVICE_ACCOUNT_KEY_FILE.

  • max_retries (int) - The maximum number of times an API request is being executed.


  • source_image_folder_id (string) - The ID of the folder containing the source image.

  • source_image_id (string) - The source image ID to use to create the new image from.

  • source_image_name (string) - The source image name to use to create the new image from. Name will be looked up in source_image_folder_id.


  • serial_log_file (string) - File path to save serial port output of the launched instance.

  • state_timeout (duration string | ex: "1h5m2s") - The time to wait for instance state changes. Defaults to 5m.


  • instance_cores (int) - The number of cores available to the instance.

  • instance_gpus (int) - The number of GPU available to the instance.

  • instance_mem_gb (int) - The amount of memory available to the instance, specified in gigabytes.

  • instance_name (string) - The name assigned to the instance.

  • platform_id (string) - Identifier of the hardware platform configuration for the instance. This defaults to standard-v2.

  • labels (map[string]string) - Key/value pair labels to apply to the launched instance.

  • metadata (map[string]string) - Metadata applied to the launched instance.

  • metadata_from_file (map[string]string) - Metadata applied to the launched instance. The values in this map are the paths to the content files for the corresponding metadata keys.

  • preemptible (bool) - Launch a preemptible instance. This defaults to false.


  • disk_name (string) - The name of the disk, if unset the instance name will be used.

  • disk_size_gb (int) - The size of the disk in GB. This defaults to 10/100GB.

  • disk_type (string) - Specify disk type for the launched instance. Defaults to network-ssd.

  • disk_labels (map[string]string) - Key/value pair labels to apply to the disk.


  • image_name (string) - The name of the resulting image, which contains 1-63 characters and only supports lowercase English characters, numbers and hyphen. Defaults to packer-{{timestamp}}.

  • image_description (string) - The description of the image.

  • image_family (string) - The family name of the image.

  • image_labels (map[string]string) - Key/value pair labels to apply to the image.

  • image_min_disk_size_gb (int) - Minimum size of the disk that will be created from built image, specified in gigabytes. Should be more or equal to disk_size_gb.

  • image_product_ids ([]string) - License IDs that indicate which licenses are attached to resulting image.


  • subnet_id (string) - The Yandex VPC subnet id to use for the launched instance. Note, the zone of the subnet must match the zone in which the VM is launched.

  • zone (string) - The name of the zone to launch the instance. This defaults to ru-central1-a.

  • use_ipv4_nat (bool) - If set to true, then launched instance will have external internet access.

  • use_ipv6 (bool) - Set to true to enable IPv6 for the instance being created. This defaults to false, or not enabled.

  • use_internal_ip (bool) - If true, use the instance's internal IP address instead of its external IP during building.

»Build template data

In configuration directives the following variables are available:

»Build Shared Information Variables

This builder generates data that are shared with provisioner and post-processor via build function of template engine for JSON and contextual variables for HCL2.

The generated variables available for this builder see above

Usage example:

"post-processors": [
      "type": "manifest",
      "output": "manifest.json",
      "strip_path": true,
      "custom_data": {
        "source_image_id": "{{ build `SourceImageID` }}"
"post-processors": [    {      "type": "manifest",      "output": "manifest.json",      "strip_path": true,      "custom_data": {        "source_image_id": "{{ build `SourceImageID` }}"      }    }]