hashicorp · ewbankkit · Apr 18, 2022 · Apr 16, 2022 · Apr 16, 2022 · Apr 16, 2022
@@ -0,0 +1,7 @@
+```release-note:enhancement
+resource/aws_imagebuilder_infrastructure_configuration: Add `instance_metadata_options` argument
+```
+
+```release-note:enhancement
+data-source/aws_imagebuilder_infrastructure_configuration: Add `instance_metadata_options` attribute
+```
@@ -46,6 +46,25 @@ func ResourceInfrastructureConfiguration() *schema.Resource {
 				Optional:     true,
 				ValidateFunc: validation.StringLenBetween(1, 1024),
 			},
+			"instance_metadata_options": {
+				Type:     schema.TypeList,
+				Optional: true,
+				MaxItems: 1,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"http_put_response_hop_limit": {
+							Type:         schema.TypeInt,
+							Optional:     true,
+							ValidateFunc: validation.IntBetween(1, 64),
+						},
+						"http_tokens": {
+							Type:         schema.TypeString,
+							Optional:     true,
+							ValidateFunc: validation.StringInSlice([]string{"required", "optional"}, false),
+						},
+					},
+				},
+			},
 			"instance_profile_name": {
 				Type:         schema.TypeString,
 				Required:     true,
@@ -140,6 +159,10 @@ func resourceInfrastructureConfigurationCreate(d *schema.ResourceData, meta inte
 		input.Description = aws.String(v.(string))
 	}
 
+	if v, ok := d.GetOk("instance_metadata_options"); ok && len(v.([]interface{})) > 0 && v.([]interface{})[0] != nil {
+		input.InstanceMetadataOptions = expandInstanceMetadataOptions(v.([]interface{})[0].(map[string]interface{}))
+	}
+
 	if v, ok := d.GetOk("instance_profile_name"); ok {
 		input.InstanceProfileName = aws.String(v.(string))
 	}
@@ -245,6 +268,15 @@ func resourceInfrastructureConfigurationRead(d *schema.ResourceData, meta interf
 	d.Set("date_created", infrastructureConfiguration.DateCreated)
 	d.Set("date_updated", infrastructureConfiguration.DateUpdated)
 	d.Set("description", infrastructureConfiguration.Description)
+
+	if infrastructureConfiguration.InstanceMetadataOptions != nil {
+		d.Set("instance_metadata_options", []interface{}{
+			flattenInstanceMetadataOptions(infrastructureConfiguration.InstanceMetadataOptions),
+		})
+	} else {
+		d.Set("instance_metadata_options", nil)
+	}
+
 	d.Set("instance_profile_name", infrastructureConfiguration.InstanceProfileName)
 	d.Set("instance_types", aws.StringValueSlice(infrastructureConfiguration.InstanceTypes))
 	d.Set("key_pair", infrastructureConfiguration.KeyPair)
@@ -278,6 +310,7 @@ func resourceInfrastructureConfigurationUpdate(d *schema.ResourceData, meta inte
 
 	if d.HasChanges(
 		"description",
+		"instance_metadata_options",
 		"instance_profile_name",
 		"instance_types",
 		"key_pair",
@@ -297,6 +330,10 @@ func resourceInfrastructureConfigurationUpdate(d *schema.ResourceData, meta inte
 			input.Description = aws.String(v.(string))
 		}
 
+		if v, ok := d.GetOk("instance_metadata_options"); ok && len(v.([]interface{})) > 0 && v.([]interface{})[0] != nil {
+			input.InstanceMetadataOptions = expandInstanceMetadataOptions(v.([]interface{})[0].(map[string]interface{}))
+		}
+
 		if v, ok := d.GetOk("instance_profile_name"); ok {
 			input.InstanceProfileName = aws.String(v.(string))
 		}
@@ -383,6 +420,24 @@ func resourceInfrastructureConfigurationDelete(d *schema.ResourceData, meta inte
 	return nil
 }
 
+func expandInstanceMetadataOptions(tfMap map[string]interface{}) *imagebuilder.InstanceMetadataOptions {
+	if tfMap == nil {
+		return nil
+	}
+
+	apiObject := &imagebuilder.InstanceMetadataOptions{}
+
+	if v, ok := tfMap["http_put_response_hop_limit"].(int); ok && v != 0 {
+		apiObject.HttpPutResponseHopLimit = aws.Int64(int64(v))
+	}
+
+	if v, ok := tfMap["http_tokens"].(string); ok && v != "" {
+		apiObject.HttpTokens = aws.String(v)
+	}
+
+	return apiObject
+}
+
 func expandLogging(tfMap map[string]interface{}) *imagebuilder.Logging {
 	if tfMap == nil {
 		return nil
@@ -415,6 +470,24 @@ func expandS3Logs(tfMap map[string]interface{}) *imagebuilder.S3Logs {
 	return apiObject
 }
 
+func flattenInstanceMetadataOptions(apiObject *imagebuilder.InstanceMetadataOptions) map[string]interface{} {
+	if apiObject == nil {
+		return nil
+	}
+
+	tfMap := map[string]interface{}{}
+
+	if v := apiObject.HttpPutResponseHopLimit; v != nil {
+		tfMap["http_put_response_hop_limit"] = aws.Int64Value(v)
+	}
+
+	if v := apiObject.HttpTokens; v != nil {
+		tfMap["http_tokens"] = aws.StringValue(v)
+	}
+
+	return tfMap
+}
+
 func flattenLogging(apiObject *imagebuilder.Logging) map[string]interface{} {
 	if apiObject == nil {
 		return nil

@@ -33,6 +33,22 @@ func DataSourceInfrastructureConfiguration() *schema.Resource {
 				Type:     schema.TypeString,
 				Computed: true,
 			},
+			"instance_metadata_options": {
+				Type:     schema.TypeList,
+				Computed: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"http_put_response_hop_limit": {
+							Type:     schema.TypeInt,
+							Computed: true,
+						},
+						"http_tokens": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+					},
+				},
+			},
 			"instance_profile_name": {
 				Type:     schema.TypeString,
 				Computed: true,
@@ -124,6 +140,13 @@ func dataSourceInfrastructureConfigurationRead(d *schema.ResourceData, meta inte
 	d.Set("date_created", infrastructureConfiguration.DateCreated)
 	d.Set("date_updated", infrastructureConfiguration.DateUpdated)
 	d.Set("description", infrastructureConfiguration.Description)
+
+	if infrastructureConfiguration.InstanceMetadataOptions != nil {
+		d.Set("instance_metadata_options", []interface{}{flattenInstanceMetadataOptions(infrastructureConfiguration.InstanceMetadataOptions)})
+	} else {
+		d.Set("instance_metadata_options", nil)
+	}
+
 	d.Set("instance_profile_name", infrastructureConfiguration.InstanceProfileName)
 	d.Set("instance_types", aws.StringValueSlice(infrastructureConfiguration.InstanceTypes))
 	d.Set("key_pair", infrastructureConfiguration.KeyPair)

@@ -28,6 +28,7 @@ func TestAccImageBuilderInfrastructureConfigurationDataSource_arn(t *testing.T)
 					resource.TestCheckResourceAttrPair(dataSourceName, "date_created", resourceName, "date_created"),
 					resource.TestCheckResourceAttrPair(dataSourceName, "date_updated", resourceName, "date_updated"),
 					resource.TestCheckResourceAttrPair(dataSourceName, "description", resourceName, "description"),
+					resource.TestCheckResourceAttrPair(dataSourceName, "instance_metadata_options.#", resourceName, "instance_metadata_options.#"),
 					resource.TestCheckResourceAttrPair(dataSourceName, "instance_profile_name", resourceName, "instance_profile_name"),
 					resource.TestCheckResourceAttrPair(dataSourceName, "instance_types.#", resourceName, "instance_types.#"),
 					resource.TestCheckResourceAttrPair(dataSourceName, "key_pair", resourceName, "key_pair"),

@@ -34,6 +34,7 @@ func TestAccImageBuilderInfrastructureConfiguration_basic(t *testing.T) {
 					acctest.CheckResourceAttrRFC3339(resourceName, "date_created"),
 					resource.TestCheckResourceAttr(resourceName, "date_updated", ""),
 					resource.TestCheckResourceAttr(resourceName, "description", ""),
+					resource.TestCheckResourceAttr(resourceName, "instance_metadata_options.#", "0"),
 					resource.TestCheckResourceAttrPair(resourceName, "instance_profile_name", iamInstanceProfileResourceName, "name"),
 					resource.TestCheckResourceAttr(resourceName, "instance_types.#", "0"),
 					resource.TestCheckResourceAttr(resourceName, "key_pair", ""),
@@ -112,6 +113,34 @@ func TestAccImageBuilderInfrastructureConfiguration_description(t *testing.T) {
 	})
 }
 
+func TestAccImageBuilderInfrastructureConfiguration_instanceMetadataOptions(t *testing.T) {
+	rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
+	resourceName := "aws_imagebuilder_infrastructure_configuration.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { acctest.PreCheck(t) },
+		ErrorCheck:   acctest.ErrorCheck(t, imagebuilder.EndpointsID),
+		Providers:    acctest.Providers,
+		CheckDestroy: testAccCheckInfrastructureConfigurationDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccInfrastructureConfigurationInstanceMetadataOptionsConfig(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckInfrastructureConfigurationExists(resourceName),
+					resource.TestCheckResourceAttr(resourceName, "instance_metadata_options.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "instance_metadata_options.0.http_put_response_hop_limit", "64"),
+					resource.TestCheckResourceAttr(resourceName, "instance_metadata_options.0.http_tokens", "required"),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
 func TestAccImageBuilderInfrastructureConfiguration_instanceProfileName(t *testing.T) {
 	rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
 	iamInstanceProfileResourceName := "aws_iam_instance_profile.test"
@@ -620,6 +649,22 @@ resource "aws_imagebuilder_infrastructure_configuration" "test" {
 `, rName, description))
 }
 
+func testAccInfrastructureConfigurationInstanceMetadataOptionsConfig(rName string) string {
+	return acctest.ConfigCompose(
+		testAccInfrastructureConfigurationBaseConfig(rName),
+		fmt.Sprintf(`
+resource "aws_imagebuilder_infrastructure_configuration" "test" {
+  instance_profile_name = aws_iam_instance_profile.test.name
+  name                  = %[1]q
+
+  instance_metadata_options {
+    http_put_response_hop_limit = 64
+    http_tokens                 = "required"
+  }
+}
+`, rName))
+}
+
 func testAccInfrastructureConfigurationInstanceProfileName1Config(rName string) string {
 	return acctest.ConfigCompose(
 		testAccInfrastructureConfigurationBaseConfig(rName),

@@ -31,6 +31,9 @@ In addition to all arguments above, the following attributes are exported:
 * `date_created` - Date the infrastructure configuration was created.
 * `date_created` - Date the infrastructure configuration was updated.
 * `description` - Description of the infrastructure configuration.
+* `instance_metadata_options` - Nested list of instance metadata options for the HTTP requests that pipeline builds use to launch EC2 build and test instances.
+    * `http_put_response_hop_limit` - Number of hops that an instance can traverse to reach its destonation.
+    * `http_tokens` - Whether a signed token is required for instance metadata retrieval requests.
 * `instance_profile_name` - Name of the IAM Instance Profile associated with the configuration.
 * `instance_types` - Set of EC2 Instance Types associated with the configuration.
 * `key_pair` - Name of the EC2 Key Pair associated with the configuration.

@@ -47,6 +47,7 @@ The following arguments are required:
 The following arguments are optional:
 
 * `description` - (Optional) Description for the configuration.
+* `instance_metadata_options` - (Optional) Configuration block with instance metadata options for the HTTP requests that pipeline builds use to launch EC2 build and test instances. Detailed below.
 * `instance_types` - (Optional) Set of EC2 Instance Types.
 * `key_pair` - (Optional) Name of EC2 Key Pair.
 * `logging` - (Optional) Configuration block with logging settings. Detailed below.
@@ -57,6 +58,13 @@ The following arguments are optional:
 * `tags` - (Optional) Key-value map of resource tags to assign to the configuration. If configured with a provider [`default_tags` configuration block](/docs/providers/aws/index.html#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level.
 * `terminate_instance_on_failure` - (Optional) Enable if the instance should be terminated when the pipeline fails. Defaults to `false`.
 
+### instance_metadata_options
+
+The following arguments are optional:
+
+* `http_put_response_hop_limit` - The number of hops that an instance can traverse to reach its destonation.
+* `http_tokens` - Whether a signed token is required for instance metadata retrieval requests. Valid values: `required`, `optional`.
+
 ### logging
 
 The following arguments are required: