terraform-aws-modules · antonbabenko · Dec 10, 2020 · Dec 10, 2020 · Dec 10, 2020 · Dec 10, 2020
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,7 +5,7 @@ All notable changes to this project will be documented in this file.
 <a name="unreleased"></a>
 ## [Unreleased]
 
-
+- feat: Add support for "metadata_options" argument ([#191](https://github.com/terraform-aws-modules/terraform-aws-ec2-instance/issues/191))
 
 <a name="v2.15.0"></a>
 ## [v2.15.0] - 2020-06-10

diff --git a/README.md b/README.md
@@ -121,6 +121,7 @@ No requirements.
 | ipv6\_address\_count | A number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet. | `number` | `null` | no |
 | ipv6\_addresses | Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface | `list(string)` | `null` | no |
 | key\_name | The key name to use for the instance | `string` | `""` | no |
+| metadata\_options | Customize the metadata options of the instance | <code>object({<br>&nbsp;&nbsp;http_endpoint = string<br>&nbsp;&nbsp;http_tokens = string<br>&nbsp;&nbsp;http_put_response_hop_limit = number<br>})</code> | <code>{<br>&nbsp;&nbsp;http_endpoint = "enabled"<br>&nbsp;&nbsp;http_tokens = "optional"<br>&nbsp;&nbsp;http_put_response_hop_limit = 1<br>}</code> | no |
 | monitoring | If true, the launched EC2 instance will have detailed monitoring enabled | `bool` | `false` | no |
 | name | Name to be used on all resources as prefix | `string` | n/a | yes |
 | network\_interface | Customize network interfaces to be attached at instance boot time | `list(map(string))` | `[]` | no |
@@ -153,6 +154,7 @@ No requirements.
 | instance\_state | List of instance states of instances |
 | ipv6\_addresses | List of assigned IPv6 addresses of instances |
 | key\_name | List of key names of instances |
+| metadata_options | List of metadata options of instances |
 | password\_data | List of Base-64 encoded encrypted password data for the instance |
 | placement\_group | List of placement groups of instances |
 | primary\_network\_interface\_id | List of IDs of the primary network interface of instances |

diff --git a/examples/basic/main.tf b/examples/basic/main.tf
@@ -142,6 +142,25 @@ module "ec2_with_t3_unlimited" {
   associate_public_ip_address = true
 }
 
+module "ec2_with_metadata_options" {
+  source = "../../"
+
+  instance_count = 1
+
+  name                        = "example-metadata_options"
+  ami                         = data.aws_ami.amazon_linux.id
+  instance_type               = "c5.large"
+  subnet_id                   = tolist(data.aws_subnet_ids.all.ids)[0]
+  vpc_security_group_ids      = [module.security_group.this_security_group_id]
+  associate_public_ip_address = true
+
+  metadata_options = {
+    http_endpoint               = "enabled"
+    http_tokens                 = "required"
+    http_put_response_hop_limit = 8
+  }
+}
+
 module "ec2_with_network_interface" {
   source = "../../"
 

diff --git a/examples/basic/outputs.tf b/examples/basic/outputs.tf
@@ -63,3 +63,12 @@ output "credit_specification_t2_unlimited" {
   value       = module.ec2_with_t2_unlimited.credit_specification
 }
 
+output "metadata_options" {
+  description = "Metadata options for the instance"
+  value       = module.ec2.metadata_options
+}
+
+output "metadata_options_custom" {
+  description = "Customized metadata options for the instance"
+  value       = module.ec2_with_metadata_options.metadata_options
+}
diff --git a/main.tf b/main.tf
@@ -61,6 +61,12 @@ resource "aws_instance" "this" {
     }
   }
 
+  metadata_options {
+    http_endpoint               = var.metadata_options["http_endpoint"]
+    http_tokens                 = var.metadata_options["http_tokens"]
+    http_put_response_hop_limit = var.metadata_options["http_put_response_hop_limit"]
+  }
+
   dynamic "network_interface" {
     for_each = var.network_interface
     content {

diff --git a/outputs.tf b/outputs.tf
@@ -78,6 +78,11 @@ output "credit_specification" {
   value       = aws_instance.this.*.credit_specification
 }
 
+output "metadata_options" {
+  description = "List of metadata options of instances"
+  value       = aws_instance.this.*.metadata_options
+}
+
 output "instance_state" {
   description = "List of instance states of instances"
   value       = aws_instance.this.*.instance_state

diff --git a/variables.tf b/variables.tf
@@ -181,6 +181,20 @@ variable "cpu_credits" {
   default     = "standard"
 }
 
+variable "metadata_options" {
+  description = "Customize the metadata options of the instance"
+  type        = object({
+    http_endpoint               = string
+    http_tokens                 = string
+    http_put_response_hop_limit = number
+  })
+  default     = {
+    http_endpoint               = "enabled"
+    http_tokens                 = "optional"
+    http_put_response_hop_limit = 1
+  }
+}
+
 variable "use_num_suffix" {
   description = "Always append numerical suffix to instance name, even if instance_count is 1"
   type        = bool
@@ -192,5 +206,3 @@ variable "num_suffix_format" {
   type        = string
   default     = "-%d"
 }
-
-