@@ -50,19 +50,23 @@ resource "aws_instance" "app-server-read" {
5050 iam_instance_profile = . ec2_profile . name
5151 associate_public_ip_address = true
5252 subnet_id = . public [0 ]. id
53- ebs_optimized = true
54- monitoring = true
53+ ebs_optimized = true
54+ monitoring = true
5555 root_block_device {
5656 encrypted = true
5757 }
58+ metadata_options {
59+ http_endpoint = " enabled"
60+ http_tokens = " required"
61+ }
5862 tags =
5963 Name = " app-4-server-read"
6064 }
6165 user_data = templatefile (" user_data/read_elasticache.tpl"
6266 {
63- Region = var.region,
64- elasticache_ep = aws_ssm_parameter.elasticache_ep.name,
65- elasticache_ep_port = aws_ssm_parameter.elasticache_port.name,
67+ Region = var.region,
68+ elasticache_ep = aws_ssm_parameter.elasticache_ep.name,
69+ elasticache_ep_port = aws_ssm_parameter.elasticache_port.name,
6670 elasticache_auth_token = aws_secretsmanager_secret.elasticache_auth.name
6771 })
6872}
@@ -73,19 +77,23 @@ resource "aws_instance" "app-server-write" {
7377 iam_instance_profile = . ec2_profile . name
7478 associate_public_ip_address = true
7579 subnet_id = . public [0 ]. id
76- ebs_optimized = true
77- monitoring = true
78- root_block_device {
80+ ebs_optimized = true
81+ monitoring = true
82+ root_block_device {
7983 encrypted = true
8084 }
85+ metadata_options {
86+ http_endpoint = " enabled"
87+ http_tokens = " required"
88+ }
8189 tags =
8290 Name = " app-4-server-write"
8391 }
8492 user_data = templatefile (" user_data/write_elasticache.tpl"
8593 {
86- Region = var.region,
87- elasticache_ep = aws_ssm_parameter.elasticache_ep.name,
88- elasticache_ep_port = aws_ssm_parameter.elasticache_port.name,
94+ Region = var.region,
95+ elasticache_ep = aws_ssm_parameter.elasticache_ep.name,
96+ elasticache_ep_port = aws_ssm_parameter.elasticache_port.name,
8997 elasticache_auth_token = aws_secretsmanager_secret.elasticache_auth.name
9098 })
9199}
0 commit comments