tas50
commented
3 years ago @raghavvidya Can you provide more information on what you're hoping to do with Test Kitchen and the AWS metadata version 2 and what you can't do at this point?
Open raghavvidya opened 4 years ago
tas50
commented
3 years ago @raghavvidya Can you provide more information on what you're hoping to do with Test Kitchen and the AWS metadata version 2 and what you can't do at this point?
TheSAS
commented
3 years ago The question is how to pass this configuration into the kitchen:
metadata_options {
http_endpoint = "enabled"
http_tokens = "required"
http_put_response_hop_limit = 1
}https://docs.aws.amazon.com/cli/latest/reference/ec2/run-instances.html (--metadata-options)
fletchowns
commented
3 years ago I am wondering this as well - organization has a requirement to enforce IMDSv2 on all EC2 instances but I'm not seeing a way to do that with instances generated by test-kitchen. Did anybody figure this out yet?
chenwany
commented
3 years ago Hi, our team is also using kitchen test. We detect that the instances launched have IMDSv1 calls, is there any timeline for kitchen to transition to AWS metadata version 2(IMDVs2)? It may potentially block customers who disable IMDSv1 for security consideration.
Hello, Is there any option for running the Kitchen test with AWS metadata version 2(IMDVs2) ?
For more info about AWS IMDSv2 https://aws.amazon.com/about-aws/whats-new/2019/11/announcing-updates-amazon-ec2-instance-metadata-service/
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html