| FACT-2306 introduced support for v2 of the EC2 Instance Meta Data Service. However, this support has to be explicitly enabled by setting the AWS_IMDSv2 environment variable to true.
The environment variable requirement creates two points of friction:
- Using an environment variable instead of an entry in the Facter configuration makes it easy to get differing behavior depending on execution context. The environment that the puppet service receives is configured with a different set of files from that of a user shell which leads to inconsistent behavior.
- Requiring an environment variable makes AWS instances with HttpTokens=required special in that they require post-installation configuration that existing installation methods, like the puppet_agent module or PE install scripts, do not automate.
If possible, Facter should use IMDSv2 automatically when available. Otherwise, Facter should allow IMDSv2 to be controlled by a configuration setting. |
