[FACT-2904] Port AWS IDMSv2 to facter 3.x - Puppet Jira Server

XML

Word

Printable

Details

Type: Improvement
Status: Resolved
Priority: Normal
Resolution: Fixed
Affects Version/s: FACT 2.5.1, FACT 3.14.1
Fix Version/s: FACT 3.14.20
Component/s: Community
Labels:
- jira_escalated

Team:
Night's Watch
Story Points:
3
Sprint:
NW - 2021-09-08

Zendesk Ticket IDs:
45595
Zendesk Ticket Count:
1

Release Notes:
Enhancement
Release Notes Summary:

Hide
Port AWS IMDSv2 functionality to Facter 3. This was done for Facter 4 in ~~FACT-3042~~.

Show
Port AWS IMDSv2 functionality to Facter 3. This was done for Facter 4 in FACT-3042 .

QA Risk Assessment:
Needs Assessment

Description

The AWS IDMSv2 is a super important security feature offered on EC2 instances.
~~FACT-2306~~ had recently added facter support for it.

I would very like to port this into facter 2.x and 3.x. Is there a possibility a new patch version for those majors would be released if I port the IDMSv2 support?

Amazon recently released version 2 of their instance metadata service. The new service is session-oriented rather than a simple request/response HTTP call, and was created in response to recent security breaches.

Facter currently only seems to support version 1 of the metadata service for the ec2_metadata and ec2_userdata facts, making it difficult for Puppet users in high-security environments to transition to version 2 of the service.

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html

Attachments

Issue Links

relates to

FACT-2306 Add support for AWS IMDSv2

Resolved

mentioned in: Page Loading...

Activity

People

Assignee:: Victor Bobosila

Reporter:: Itamar Dori

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: 2020/12/17 12:55 AM

Updated:: 2021/09/24 5:01 AM

Resolved:: 2021/09/06 2:20 AM