update ec2_metadata

author: wilkosz <joshua@wilkosz.com.au> 2020-04-26 16:38:26 +1000
committer: wilkosz <joshua@wilkosz.com.au> 2020-04-26 16:38:26 +1000
commit: 6fafa713857c24fd5c1fb426f48da49f330b86a3 (patch)
tree: 973aa04d3e11cd965797dc7f0a4b6ae31cf8feb5
parent: 2a1f66849aae33b05a519be99ae4a475ff07260f (diff)
download: ohai-6fafa713857c24fd5c1fb426f48da49f330b86a3.tar.gz
1 files changed, 7 insertions, 4 deletions
diff --git a/lib/ohai/mixin/ec2_metadata.rb b/lib/ohai/mixin/ec2_metadata.rb
index cddb05e4..9e5f15c1 100644
--- a/lib/ohai/mixin/ec2_metadata.rb
+++ b/lib/ohai/mixin/ec2_metadata.rb
@@ -50,7 +50,7 @@ module Ohai
       def best_api_version
         @api_version ||= begin
           logger.trace("Mixin EC2: Fetching http://#{EC2_METADATA_ADDR}/ to determine the latest supported metadata release")
-          response = http_client.get("/")
+          response = http_client.get("/", {:'X-aws-ec2-metadata-token' => v2_token})
           if response.code == "404"
             logger.trace("Mixin EC2: Received HTTP 404 from metadata server while determining API version, assuming 'latest'")
             return "latest"
@@ -83,6 +83,9 @@ module Ohai
         end
       end
 
+      def v2_token
+        http_client.put('/latest/api/token/', nil, {:'X-aws-ec2-metadata-token-ttl-seconds' => '60'})&.body
+      end
       # Get metadata for a given path and API version
       #
       # Typically, a 200 response is expected for valid metadata.
@@ -92,7 +95,7 @@ module Ohai
       def metadata_get(id, api_version)
         path = "/#{api_version}/meta-data/#{id}"
         logger.trace("Mixin EC2: Fetching http://#{EC2_METADATA_ADDR}#{path}")
-        response = http_client.get(path)
+        response = http_client.get(path, {:'X-aws-ec2-metadata-token' => v2_token})
         case response.code
         when "200"
           response.body
@@ -173,13 +176,13 @@ module Ohai
 
       def fetch_userdata
         logger.trace("Mixin EC2: Fetching http://#{EC2_METADATA_ADDR}/#{best_api_version}/user-data/")
-        response = http_client.get("/#{best_api_version}/user-data/")
+        response = http_client.get("/#{best_api_version}/user-data/", {:'X-aws-ec2-metadata-token' => v2_token})
         response.code == "200" ? response.body : nil
       end
 
       def fetch_dynamic_data
         @fetch_dynamic_data ||= begin
-          response = http_client.get("/#{best_api_version}/dynamic/instance-identity/document/")
+          response = http_client.get("/#{best_api_version}/dynamic/instance-identity/document/", {:'X-aws-ec2-metadata-token' => v2_token})
 
           if json?(response.body) && response.code == "200"
             FFI_Yajl::Parser.parse(response.body)
author	wilkosz <joshua@wilkosz.com.au>	2020-04-26 16:38:26 +1000
committer	wilkosz <joshua@wilkosz.com.au>	2020-04-26 16:38:26 +1000
commit	6fafa713857c24fd5c1fb426f48da49f330b86a3 (patch)
tree	973aa04d3e11cd965797dc7f0a4b6ae31cf8feb5
parent	2a1f66849aae33b05a519be99ae4a475ff07260f (diff)
download	ohai-6fafa713857c24fd5c1fb426f48da49f330b86a3.tar.gz