github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/autoscaling/AVD-AWS-0129/CloudFormation.md

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/autoscaling/AVD-AWS-0129/CloudFormation.md (about)

     1  
     2  Remove sensitive data from the EC2 instance user-data
     3  
     4  ```yaml
     5  ---
     6  Resources:
     7    InstanceProfile:
     8      Type: AWS::IAM::InstanceProfile
     9      Properties:
    10        InstanceProfileName: MyIamInstanceProfile
    11        Path: "/"
    12        Roles:
    13        - MyAdminRole
    14    GoodExample:
    15      Type: AWS::EC2::LaunchTemplate
    16      Properties:
    17        LaunchTemplateName: MyLaunchTemplate
    18        LaunchTemplateData:
    19          IamInstanceProfile:
    20            Arn: !GetAtt
    21              - MyIamInstanceProfile
    22              - Arn
    23          DisableApiTermination: true
    24          ImageId: ami-04d5cc9b88example
    25          UserData: export SSM_PATH=/database/creds
    26          InstanceType: t2.micro
    27          KeyName: MyKeyPair
    28          MetadataOptions:
    29            - HttpTokens: required
    30          SecurityGroupIds:
    31            - sg-083cd3bfb8example
    32  ```