From 1f3663346c9a8f806a1638540ee4d98fe6f98afd Mon Sep 17 00:00:00 2001
From: Philip Dubois <hello@philipdubois.be>
Date: Tue, 10 Sep 2024 14:29:02 +0200
Subject: [PATCH] chore: Enforce IMDSv2 (#45)

---
 teleport-server/instance.tf | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/teleport-server/instance.tf b/teleport-server/instance.tf
index f8b413a..4c52d31 100644
--- a/teleport-server/instance.tf
+++ b/teleport-server/instance.tf
@@ -17,6 +17,12 @@ resource "aws_instance" "teleport_instance" {
     encrypted             = var.root_vl_encrypted
   }
 
+  metadata_options {
+    http_endpoint               = "enabled"
+    http_tokens                 = "required"
+    http_put_response_hop_limit = 1
+  }
+
   tags = {
     Name        = "teleport-${var.project}-${var.environment}"
     Stack       = "teleport"