Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Interests
See all
Community resources
Top groups
Explore all groups
Community resources
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Join now to unlock these features and more

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Get started Tell me more
Atlassian Community about banner
4,558,868
Community Members
 
Community Events
184
Community Groups

How to set ec2 instance options upon elastic launch (IMDSv2 metadata specifically)

Chris Stevens
Chris Stevens Dec 03, 2020

One of the AWS recommendations in Security Hub considered "High" severity is setting all EC2 instances to use Instance Metadata Service Version 2 (IMDSv2). Is there a way to make this happen with elastic Bamboo instances? 

If I have access to edit the command that's run to launch the instances, that would work (--metadata-options "HttpEndpoint=enabled,HttpTokens=required" added to the aws ec2 run-instances command). If I'm not able to edit that, any other thoughts? Thanks in advance! 

Answer
Watch
Like Steffen Opel _Utoolity_ likes this
392 views

3 answers

1 vote
Alistair.Mackay
Alistair.Mackay Jan 09, 2021 • edited

Hi @Chris Stevens 

The best way I've found to modify an EC2 instance when it's launched is to use CloudWatch Events and Lambda. You could adapt the solution I developed for adding additional security groups to a launching elastic agent.

See my original question and the solution.

Reply
0 votes
Lei P
Lei P Feb 28, 2023

For whoever find this thread, let's push Atlassian support this via https://jira.atlassian.com/browse/BAM-21978 

Reply
0 votes
Lei P
Lei P Sep 12, 2022 • edited Sep 13, 2022

Hey, Atlassian team, this is a Sec issue many bamboo user will need for AWS Integration. Please provide a native solution ASAP.

Bamboo should support native IMDS v2 instead customer has to update post ec2 launch.

Reply

Suggest an answer

Log in or Sign up to answer
Bamboo
Bamboo
TAGS
AUG Leaders

Atlassian Community Events

See all events