Merge pull request #18 from mheffner/launch-template-config

Expand launch config customizations
masterpointio · Feb 5, 2024 · 782823c · 782823c
2 parents 76992e9 + 9410a0a
commit 782823c
Show file tree

Hide file tree

Showing 2 changed files with 42 additions and 2 deletions.
diff --git a/main.tf b/main.tf
@@ -276,11 +276,11 @@ resource "aws_launch_template" "default" {
   user_data     = base64encode(var.user_data)
 
   monitoring {
-    enabled = true
+    enabled = var.monitoring_enabled
   }
 
   network_interfaces {
-    associate_public_ip_address = false
+    associate_public_ip_address = var.associate_public_ip_address
     delete_on_termination       = true
     security_groups             = concat(var.additional_security_group_ids, [aws_security_group.default.id])
   }
@@ -302,6 +302,12 @@ resource "aws_launch_template" "default" {
   lifecycle {
     create_before_destroy = true
   }
+
+  metadata_options {
+    http_endpoint      = var.metadata_http_endpoint_enabled ? "enabled" : "disabled"
+    http_tokens        = var.metadata_imdsv2_enabled ? "required" : "optional"
+    http_protocol_ipv6 = var.metadata_http_protocol_ipv6_enabled ? "enabled" : "disabled"
+  }
 }
 
 resource "aws_autoscaling_group" "default" {

diff --git a/variables.tf b/variables.tf
@@ -62,6 +62,40 @@ variable "additional_security_group_ids" {
   default     = []
 }
 
+variable "monitoring_enabled" {
+  description = "Enable detailed monitoring of instance"
+  type        = bool
+  default     = true
+}
+
+variable "associate_public_ip_address" {
+  description = "Associate public IP address"
+  type        = bool
+  # default should fall back to subnet setting
+  default = null
+}
+
+variable "metadata_http_endpoint_enabled" {
+  description = "Whether or not to enable the metadata http endpoint"
+  type        = bool
+  default     = true
+}
+
+variable "metadata_imdsv2_enabled" {
+  description = <<-EOT
+    Whether or not the metadata service requires session tokens,
+    also referred to as Instance Metadata Service Version 2 (IMDSv2).
+  EOT
+  type        = bool
+  default     = true
+}
+
+variable "metadata_http_protocol_ipv6_enabled" {
+  description = "Enable IPv6 metadata endpoint"
+  type        = bool
+  default     = false
+}
+
 ######################
 ## SESSION LOGGING ##
 ####################