-
Notifications
You must be signed in to change notification settings - Fork 9.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
aws_launch_template add support for Instance Metadata Options #11794
Comments
@ewbankkit no that's a different resource, the |
If we can't set this setting, then the result for EKS users can be this: https://medium.com/@ngchiwang/aws-eks-pod-role-5e5554fee501 |
@max-rocket-internet Correct, related but separate. |
Support for configuring metadata options in the |
This has been released in version 2.55.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks! |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
Community Note
Description
Currently the
aws_launch_template
resource does not support Instance Metadata Options. These options can be required when using the Instance Metadata Service Version 2, which new versions of the AWS SDK now use: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.htmlWhen calling the CreateLaunchTemplate action in the EC2 API, the LaunchTemplateData object has a
MetadataOptions
attribute: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_LaunchTemplateInstanceMetadataOptionsRequest.htmlNew or Affected Resource(s)
Potential Terraform Configuration
Perhaps in terraform it could look like this:
References
https://aws.amazon.com/blogs/security/defense-in-depth-open-firewalls-reverse-proxies-ssrf-vulnerabilities-ec2-instance-metadata-service/
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html
https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_LaunchTemplateInstanceMetadataOptionsRequest.html
The text was updated successfully, but these errors were encountered: