github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/ec2/AVD-AWS-0129/Terraform.md

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/ec2/AVD-AWS-0129/Terraform.md (about)

     1  
     2  Remove sensitive data from the EC2 instance user-data generated by launch templates
     3  
     4  ```hcl
     5   resource "aws_iam_instance_profile" "good_example" {
     6  		 // ...
     7   }
     8   
     9   resource "aws_launch_template" "good_example" {
    10  	 image_id      = "ami-12345667"
    11  	 instance_type = "t2.small"
    12   
    13  	 iam_instance_profile {
    14  		 name = aws_iam_instance_profile.good_profile.arn
    15  	 }
    16  	 user_data = <<EOF
    17  	 export GREETING=hello
    18  EOF
    19  }
    20   
    21  ```
    22  
    23  #### Remediation Links
    24   - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#user_data
    25