Amazon Elastic Compute Cloud

2024/03/25 - Amazon Elastic Compute Cloud - 2 new api methods

Changes: Added support for ModifyInstanceMetadataDefaults and GetInstanceMetadataDefaults to set Instance Metadata Service account defaults.

ModifyInstanceMetadataDefaults (new)

Modifies the default instance metadata service (IMDS) settings at the account level in the specified Amazon Web Services Region.

Note

To remove a parameter's account-level default setting, specify no-preference. At instance launch, the value will come from the AMI, or from the launch parameter if specified. For more information, see Order of precedence for instance metadata options in the Amazon EC2 User Guide.

See also: AWS API Documentation

Request Syntax

client.modify_instance_metadata_defaults(
    HttpTokens='optional'|'required'|'no-preference',
    HttpPutResponseHopLimit=123,
    HttpEndpoint='disabled'|'enabled'|'no-preference',
    InstanceMetadataTags='disabled'|'enabled'|'no-preference',
    DryRun=True|False
)

type HttpTokens

string

param HttpTokens

Indicates whether IMDSv2 is required.

  • optional – IMDSv2 is optional, which means that you can use either IMDSv2 or IMDSv1.

  • required – IMDSv2 is required, which means that IMDSv1 is disabled, and you must use IMDSv2.

type HttpPutResponseHopLimit

integer

param HttpPutResponseHopLimit

The maximum number of hops that the metadata token can travel.

Minimum: 1

Maximum: 64

type HttpEndpoint

string

param HttpEndpoint

Enables or disables the IMDS endpoint on an instance. When disabled, the instance metadata can't be accessed.

type InstanceMetadataTags

string

param InstanceMetadataTags

Enables or disables access to an instance's tags from the instance metadata. For more information, see Work with instance tags using the instance metadata in the Amazon EC2 User Guide.

type DryRun

boolean

param DryRun

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

rtype

dict

returns

Response Syntax

{
    'Return': True|False
}

Response Structure

  • (dict) --

    • Return (boolean) --

      If the request succeeds, the response returns true. If the request fails, no response is returned, and instead an error message is returned.

GetInstanceMetadataDefaults (new)

Gets the default instance metadata service (IMDS) settings that are set at the account level in the specified Amazon Web Services Region.

For more information, see Order of precedence for instance metadata options in the Amazon EC2 User Guide.

See also: AWS API Documentation

Request Syntax

client.get_instance_metadata_defaults(
    DryRun=True|False
)

type DryRun

boolean

param DryRun

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

rtype

dict

returns

Response Syntax

{
    'AccountLevel': {
        'HttpTokens': 'optional'|'required',
        'HttpPutResponseHopLimit': 123,
        'HttpEndpoint': 'disabled'|'enabled',
        'InstanceMetadataTags': 'disabled'|'enabled'
    }
}

Response Structure

  • (dict) --

    • AccountLevel (dict) --

      The account-level default IMDS settings.

      • HttpTokens (string) --

        Indicates whether IMDSv2 is required.

        • optional – IMDSv2 is optional, which means that you can use either IMDSv2 or IMDSv1.

        • required – IMDSv2 is required, which means that IMDSv1 is disabled, and you must use IMDSv2.

      • HttpPutResponseHopLimit (integer) --

        The maximum number of hops that the metadata token can travel.

      • HttpEndpoint (string) --

        Indicates whether the IMDS endpoint for an instance is enabled or disabled. When disabled, the instance metadata can't be accessed.

      • InstanceMetadataTags (string) --

        Indicates whether access to instance tags from the instance metadata is enabled or disabled. For more information, see Work with instance tags using the instance metadata in the Amazon EC2 User Guide.
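
The two methods above used together, as an added example that is not part of the AWS documentation or of boto3: it reads the account-level defaults with get_instance_metadata_defaults and modifies only the parameters that differ from a baseline. The BASELINE values, the helper names drift and harden, and the treatment of a key missing from AccountLevel as no-preference are assumptions of this example.

```python
# Added example: audit and harden account-level IMDS defaults in one Region.
# BASELINE is an assumed policy chosen for illustration.
BASELINE = {
    "HttpTokens": "required",        # IMDSv1 disabled, IMDSv2 only
    "HttpPutResponseHopLimit": 2,    # assumed value; valid range is 1..64
    "HttpEndpoint": "enabled",
    "InstanceMetadataTags": "disabled",
}


def drift(account_level, baseline=BASELINE):
    """Return {param: (current, wanted)} for every setting off-baseline.

    A key missing from AccountLevel is reported as "no-preference"
    (assumption: unset defaults are omitted from the response).
    """
    return {
        key: (account_level.get(key, "no-preference"), wanted)
        for key, wanted in baseline.items()
        if account_level.get(key, "no-preference") != wanted
    }


def harden(client, baseline=BASELINE, dry_run=False):
    """Read the defaults, then modify only the parameters that drifted."""
    limit = baseline.get("HttpPutResponseHopLimit", 1)
    if not 1 <= limit <= 64:
        raise ValueError("HttpPutResponseHopLimit must be between 1 and 64")
    current = client.get_instance_metadata_defaults().get("AccountLevel", {})
    changes = drift(current, baseline)
    if not changes:
        return {}  # already compliant, no write call made
    params = {key: wanted for key, (_, wanted) in changes.items()}
    try:
        client.modify_instance_metadata_defaults(DryRun=dry_run, **params)
    except Exception as exc:  # botocore's ClientError carries .response
        code = getattr(exc, "response", {}).get("Error", {}).get("Code")
        if not (dry_run and code == "DryRunOperation"):
            raise  # UnauthorizedOperation or any other real failure
    return changes


if __name__ == "__main__":
    import boto3  # needs AWS credentials and a configured Region

    for key, (old, new) in harden(boto3.client("ec2"), dry_run=True).items():
        print(f"{key}: {old} -> {new}")
```

The defaults apply per Region, so run the check once for each Region the account uses.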