Difference between revisions of "AWS Instance Metadata Service (IMDS)"
Jump to navigation
Jump to search
m (Ant moved page Instance metadata Service (IMDS) to AWS Instance metadata Service (IMDS)) |
|||
(21 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
+ | * https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html | ||
+ | * <code>[[aws ec2 modify-instance-metadata-options]]</code> | ||
+ | * [[IMDSv2]] | ||
+ | If you use [[Auto Scaling groups]] and you need to require the use of IMDSv2 on all new instances, your Auto Scaling groups must use [[launch templates]]. | ||
+ | |||
+ | * [[Datadog AWS Integration Billing]]: If your EC2 instances are configured to require the use of Instance Metadata Service Version 2 (IMDSv2), then you must set the parameter ec2_prefer_imdsv2 to true in your Datadog agent configuration to avoid double-billing. | ||
+ | |||
+ | TOKEN=`[[curl -X PUT]] "http://169.254.169.254/latest/api/token" [[-H]] "X-aws-ec2-metadata-token-ttl-seconds: 21600"` \ && [[curl -H]] "X-aws-ec2-metadata-token: $TOKEN" -v http://169.254.169.254/latest/[[user-data]] | ||
+ | |||
+ | == Related == | ||
+ | * [[Azure Instance Metadata Service]] | ||
* [[Instance metadata and user data]] | * [[Instance metadata and user data]] | ||
+ | * <code>[[ec2-imdsv2-check]]</code>, the rule is <code>[[NON_COMPLIANT]]</code> if the <code>[[HttpTokens]]</code> is set to optional. | ||
+ | * <code>[[aws ec2 describe-instances]] | grep [[HttpTokens]]</code> | ||
+ | * [[AWS EC2 Instance Connect]] | ||
+ | * [[Datadog]]: <code>[[DD_EC2_PREFER_IMDSV2]]</code> | ||
+ | * [[IMDS initiate session]] | ||
+ | * <code>[[Failed to refresh cached credentials, no EC2 IMDS role found]]</code> | ||
− | * [[ | + | == See also == |
+ | * {{IMDS}} | ||
+ | * {{AWS EC2}} | ||
+ | |||
+ | [[Category:AWS]] |
Latest revision as of 11:04, 26 February 2024
If you use Auto Scaling groups and you need to require the use of IMDSv2 on all new instances, your Auto Scaling groups must use launch templates.
- Datadog AWS Integration Billing: If your EC2 instances are configured to require the use of Instance Metadata Service Version 2 (IMDSv2), then you must set the parameter ec2_prefer_imdsv2 to true in your Datadog agent configuration to avoid double-billing.
TOKEN=`curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600"` \ && curl -H "X-aws-ec2-metadata-token: $TOKEN" -v http://169.254.169.254/latest/user-data
Related[edit]
- Azure Instance Metadata Service
- Instance metadata and user data
ec2-imdsv2-check
, the rule isNON_COMPLIANT
if theHttpTokens
is set to optional.aws ec2 describe-instances | grep HttpTokens
- AWS EC2 Instance Connect
- Datadog:
DD_EC2_PREFER_IMDSV2
- IMDS initiate session
Failed to refresh cached credentials, no EC2 IMDS role found
See also[edit]
- IMDS, IMDSv2,
ec2-imdsv2-check, aws ec2 modify-instance-metadata-options, /latest/meta-data, /latest/user-data
- AWS EC2, Amazon EC2 API,
aws ec2, AWS::EC2
, Amazon EC2 Spot Instances, CPU credits, Instance type, EC2 limitations, 169.254.169.254, Instance metadata and user data (IMDS),InstanceType, InstanceId
, Amazon EC2 Auto Scaling, AWS EC2 Instance Connect, launch template, lifecycle, AWS Security group (SG), Amazon EC2 Recycle Bin, Amazon EC2 Mac Instances, Global View
Advertising: