

# Creating a custom AMI with Terraform
<a name="tutorial-create-ami-terraform"></a>

When using AWS ParallelCluster, you only pay for the AWS resources that are created when you create or update AWS ParallelCluster images and clusters. For more information, see [AWS services used by AWS ParallelCluster](aws-services-v3.md).

**Prerequisites**
+ Terraform v1.5.7+ is installed.
+ [AWS ParallelCluster API](api-reference-v3.md) v3.8.0+ is deployed in your account. See [Creating a cluster with Terraform](tutorial-create-cluster-terraform.md).
+ IAM role with the permissions to invoke the ParallelCluster API. See [Required permissions](tutorial-create-ami-terraform-permissions.md).

# Define a Terraform project
<a name="tutorial-create-ami-terraform-define"></a>

In this tutorial, you will define a simple Terraform project to deploy a ParallelCluster custom AMI.

1. Create a directory called `my-amis`. 

   All files that you create will be within this directory.

1. Create the file `terraform.tf` to import the ParallelCluster provider.

   ```
   terraform {
     required_version = ">= 1.5.7"
     required_providers {
       aws-parallelcluster = {
         source  = "aws-tf/aws-parallelcluster"
         version = "~> 1.0"
       }
     }
   }
   ```

1. Create the file `providers.tf` to configure the ParallelCluster and AWS providers.

   ```
   provider "aws" {
     region  = var.region
     profile = var.profile
   }
   
   provider "aws-parallelcluster" {
     region         = var.region
     profile        = var.profile
     api_stack_name = var.api_stack_name
     use_user_role  = true
   }
   ```

1. Create the file `main.tf` to define the resources using the ParallelCluster module.

   To review the image properties that you can set within the `image_configuration` element, see [Build image configuration files](image-builder-configuration-file-v3.md).

   To review the options that you can set for image creation, for example `image_id` and `rollback_on_failure`, see [`pcluster build-image`](pcluster.build-image-v3.md). 

   ```
   data "aws-parallelcluster_list_official_images" "parent_image" {
     region       = var.region
     os           = var.os
     architecture = var.architecture
   }
   
   resource "aws-parallelcluster_image" "demo01" {
     image_id            = "demo01"
     image_configuration = yamlencode({
       "Build":{
         "InstanceType": "c5.2xlarge",
         "ParentImage": data.aws-parallelcluster_list_official_images.parent_image.official_images[0].amiId,
         "UpdateOsPackages": {"Enabled": false}
       }
     })
     rollback_on_failure = false
   }
   ```

1. Create the file `variables.tf` to define the variables that can be injected for this project.

   ```
   variable "region" {
     description = "The region the ParallelCluster API is deployed in."
     type        = string
     default     = "us-east-1"
   }
   
   variable "profile" {
     type        = string
     description = "The AWS profile used to deploy the clusters."
     default     = null
   }
   
   variable "api_stack_name" {
     type        = string
     description = "The name of the CloudFormation stack used to deploy the ParallelCluster API."
     default     = "ParallelCluster"
   }
   
   variable "api_version" {
     type        = string
     description = "The version of the ParallelCluster API."
   }
   
   variable "os" {
     type        = string
     description = "The OS of the ParallelCluster image."
   }
   
   variable "architecture" {
     type        = string
     description = "The architecture of the ParallelCluster image."
   }
   ```

1. Create the file `terraform.tfvars` to set the values for the variables.

   The following file deploys the custom AMI in `us-east-1`, based on Amazon Linux 2 for the x86_64 architecture, using the existing ParallelCluster API 3.11.1 that is already deployed in `us-east-1` with the stack name `MyParallelClusterAPI-3111`.

   ```
   region = "us-east-1"
   api_stack_name = "MyParallelClusterAPI-3111"
   api_version = "3.11.1"
   
   os = "alinux2"
   architecture = "x86_64"
   ```

1. Create the file `outputs.tf` to define the outputs returned by this project.

   ```
   output "parent_image" {
     value = data.aws-parallelcluster_list_official_images.parent_image.official_images[0]
   }
   
   output "custom_image" {
     value = aws-parallelcluster_image.demo01
   }
   ```

   The project directory is:

   ```
   my-amis
   ├── main.tf - Terraform entrypoint where the ParallelCluster module is configured.
   ├── outputs.tf - Defines the parent image and the custom image as Terraform outputs.
   ├── providers.tf - Configures the providers: ParallelCluster and AWS.
   ├── terraform.tf - Imports the ParallelCluster provider.
   ├── terraform.tfvars - Defines values for variables, e.g. region, PCAPI stack name.
   └── variables.tf - Defines the variables, e.g. region, PCAPI stack name.
   ```

# Deploy the AMI
<a name="tutorial-create-ami-terraform-deploy"></a>

To deploy the AMI, run the standard Terraform commands in order.

1. Build the project:

   ```
   terraform init
   ```

1. Define the deployment plan:

   ```
   terraform plan -out tfplan
   ```

1. Deploy the plan:

   ```
   terraform apply tfplan
   ```

# Required permissions
<a name="tutorial-create-ami-terraform-permissions"></a>

You need the following permissions to deploy a custom AMI with Terraform:
+ Assume the ParallelCluster API role, which is in charge of interacting with the ParallelCluster API.
+ Describe the CloudFormation stack of the ParallelCluster API, to verify that it exists and to retrieve its parameters and outputs.

```
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": "sts:AssumeRole",
            "Resource": "arn:aws:iam::111122223333:role/PCAPIUserRole-*",
            "Effect": "Allow",
            "Sid": "AssumePCAPIUserRole"
        },
        {
            "Action": [
                "cloudformation:DescribeStacks"
            ],
            "Resource": "arn:aws:cloudformation:us-east-1:111122223333:stack/*",
            "Effect": "Allow",
            "Sid": "CloudFormation"
        }
    ]
}
```
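
The same two permissions expressed as Terraform and derived from this tutorial's `region` and `api_stack_name` values, as an added example that is not part of the original tutorial or the ParallelCluster project. It assumes the provider only needs to describe the ParallelCluster API stack itself, so `cloudformation:DescribeStacks` is scoped to that stack rather than `stack/*`; the policy name is hypothetical, and the configuration is meant to be applied from a separate directory by an identity that can manage IAM.

```hcl
# Added example: least-privilege policy for the identity that runs the
# my-amis project. Apply it from a separate directory with IAM admin rights.

variable "region" {
  type    = string
  default = "us-east-1"
}

variable "api_stack_name" {
  type    = string
  default = "MyParallelClusterAPI-3111" # stack name used in this tutorial
}

provider "aws" {
  region = var.region
}

data "aws_caller_identity" "current" {}
data "aws_partition" "current" {}

locals {
  account   = data.aws_caller_identity.current.account_id
  partition = data.aws_partition.current.partition
}

data "aws_iam_policy_document" "pcapi_user" {
  statement {
    sid     = "AssumePCAPIUserRole"
    actions = ["sts:AssumeRole"]
    # Roles are IAM resources, so the ARN uses the iam service namespace.
    resources = ["arn:${local.partition}:iam::${local.account}:role/PCAPIUserRole-*"]
  }

  statement {
    sid     = "DescribePCAPIStack"
    actions = ["cloudformation:DescribeStacks"]
    # Assumption: only the API stack is described, so stack/* is not needed.
    resources = [
      "arn:${local.partition}:cloudformation:${var.region}:${local.account}:stack/${var.api_stack_name}/*",
    ]
  }
}

resource "aws_iam_policy" "pcapi_user" {
  name   = "pcapi-terraform-user" # hypothetical policy name
  policy = data.aws_iam_policy_document.pcapi_user.json
}

output "policy_json" {
  value = data.aws_iam_policy_document.pcapi_user.json
}
```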
