Rich Green

To deploy at account level with Terraform... https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_instance_metadata_defaults

https://github.com/ministryofjustice/modernisation-platform/pull/6930 - Draft PR to default to IMDSv2 pointing at updated baseline module.

https://github.com/ministryofjustice/modernisation-platform-terraform-baselines/pull/446 - PR to update the baselines module to include imdsv2 by default.

New release to Baselines module enabling IMDSv2 by default [v7.1.0](https://github.com/ministryofjustice/modernisation-platform-terraform-baselines/releases/tag/v7.1.0)

Notice sent in the update channel https://mojdt.slack.com/archives/C02L5MCJ12N/p1715258727944999

> We are also facing crippling throttling on method `ListTagsForResource` for `aws_config_config_rule` resources. We had issues with this over the last few weeks but today it has started to work...

Some alerts we already have in place... https://user-guide.modernisation-platform.service.justice.gov.uk/runbooks/cloudwatch-networking-alarms.html#cloudwatch-networking-alarms https://status.modernisation-platform.service.justice.gov.uk/

I've gone through the code in Modernisation Platform Environments and created a [spreadsheet](https://docs.google.com/spreadsheets/d/1lB2JEOLjfcWip68UuS_6o9sYgbhmg1NxxVe-nampN1A/edit?usp=drive_link) to document the use of EKS/ECS, making note of where hardcoded ami values are being used. **ECS**...

Here's a blog with some template code for automating the update of EC2 instances in an auto scaling group that is hosting ECS services https://aws.amazon.com/blogs/industries/automate-patching-by-replacing-amazon-ecs-container-instances/ Essentially it looks up the...

**Retrieving latest AMIs:** **ECS** The ECS TF module uses a data call to retrieve the latest ECS-optimised AMI image by querying the Systems Manager Parameter Store API. https://github.com/terraform-aws-modules/terraform-aws-ecs/blob/master/examples/ec2-autoscaling/main.tf#L162C3-L165 This is...