search

aws-ia / terraform-aws-swift-digital-connectivity

The Terraform version of the SWIFT Client Connectivity solution
Apache License 2.0
1 stars 4 forks source link

Need to enable https encryption #11

Open troy-ameigh opened 2 years ago

troy-ameigh commented 2 years ago

Need to enable https encryption

https://github.com/aws-ia/terraform-swift-digital-connectivity/blob/90616d3aa2a442a559ef01654fb2d36b58dabd2e/modules/ec2/main.tf#L15

drewmullen commented 2 years ago

IMDSv2

drewmullen commented 2 years ago

example of updating your commands to comply with IMDSv2

#!/usr/bin/env bash
readonly TOKEN=$(curl -X PUT -H "X-aws-ec2-metadata-token-ttl-seconds: 30" "http://169.254.169.254/latest/api/token")
USEDMEMORY=$(free -m | awk 'NR==2{printf "%.2f\t", ($3/$2)*100 }')
INSTANCE_ID=$(curl -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/instance-id)
REGION=$(curl -H "X-aws-ec2-metadata-token: $TOKEN" -s http://169.254.169.254/latest/dynamic/instance-identity/document | grep '\"region\"' | cut -d\" -f4)

aws cloudwatch put-metric-data --metric-name memory-usage --dimensions Instance=$INSTANCE_ID --namespace "Custom" --value $USEDMEMORY --region $REGION