aws-extensions-for-dotnet-cli icon indicating copy to clipboard operation
aws-extensions-for-dotnet-cli copied to clipboard

Published 20 hours ago verified publisher icon aws

Extensions CLI publishes beanstalk environments with IMDSv1 enabled

Open shruti0085 opened this issue 10 months ago • 1 comments

Describe the feature

Creating an issue here to track https://github.com/aws/aws-toolkit-visual-studio/issues/359 on the Visual Studio Toolkit. The Visual Studio Toolkit leverages the AWS Extensions for Dotnet CLI to power some of the publish experiences including legacy beanstalk deploy support, so any changes to behavior will have to originate in this repository.

Beanstalk environments deployed using the CLI creates environment with IMDSv1 enabled instead of IMDSv2 which is now recommended by AWS.

Use Case

Snippet from the original issue IMDSv1 has been superseded by IMDSv2 and AWS is suggesting to upgrade to it everywhere, since IMDSv2 is inherently more secure. I noticed that when publishing applications with AWS Toolkit to Elastic Beanstalk, the EC2 instances have the IMDSv1 property activated.

Proposed Solution

Support creating IMDSv2 enabled beanstalk environments

Other Information

No response

Acknowledgements

  • [ ] I may be able to implement this feature request
  • [ ] This feature might incur a breaking change

Targeted .NET platform

Unavailable

CLI extension version

No response

Environment details (OS name and version, etc.)

Windows

shruti0085 avatar Sep 07 '23 23:09 shruti0085

There is a related issue for .NET Deploy tool as well.

ashishdhingra avatar Sep 08 '23 15:09 ashishdhingra