Checks/Aws/Test-AutoscalingGroupLaunchConfigurationRequiresImdsv2.ps1
function Test-AutoscalingGroupLaunchConfigurationRequiresImdsv2 {
    <#
    .SYNOPSIS
        Auto Scaling group enforces IMDSv2 or disables the instance metadata service

    .DESCRIPTION
        Amazon EC2 Auto Scaling launch configurations are evaluated for **Instance Metadata Service** settings.

        Instances should have the metadata endpoint `enabled` with `http_tokens=required` (enforcing **IMDSv2**), or have the metadata service `disabled`. Allowing `http_tokens=optional` or omitting the version leaves legacy access enabled.

    .PARAMETER Check
        CIEMCheck object containing check metadata.
    #>
    [CmdletBinding()]
    [OutputType([PSCustomObject[]])]
    param(
        [Parameter(Mandatory)]
        [CIEMCheck]$Check
    )

    $ErrorActionPreference = 'Stop'

    # TODO: Implement check logic based on Prowler check: autoscaling_group_launch_configuration_requires_imdsv2

    [CIEMScanResult]::Create($Check, 'MANUAL', 'This check requires manual implementation. See Prowler check autoscaling_group_launch_configuration_requires_imdsv2 for reference.', 'N/A', 'autoscaling Resources')
}
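
The pass/fail rule from the description, sketched as an added example (not the module's own code and not wired into `CIEMScanResult`). `Get-LaunchConfigurationImdsStatus` is a hypothetical helper, and the input objects are constructed samples that mirror the `MetadataOptions.HttpEndpoint` and `MetadataOptions.HttpTokens` fields the Auto Scaling API returns for a launch configuration.

```powershell
# Added example: hypothetical helper, not part of the module shown above.
function Get-LaunchConfigurationImdsStatus {
    [CmdletBinding()]
    [OutputType([PSCustomObject])]
    param(
        # Object with LaunchConfigurationName and MetadataOptions
        # (HttpEndpoint, HttpTokens); MetadataOptions may be $null.
        [Parameter(Mandatory, ValueFromPipeline)]
        [object]$LaunchConfiguration
    )
    process {
        $opts = $LaunchConfiguration.MetadataOptions

        # String interpolation turns $null into '' and lets the comparison
        # work for plain strings as well as SDK constant objects.
        $endpoint = if ($opts) { "$($opts.HttpEndpoint)" } else { '' }
        $tokens   = if ($opts) { "$($opts.HttpTokens)" }   else { '' }

        # -eq on strings is case-insensitive in PowerShell.
        if ($endpoint -eq 'disabled') {
            $status = 'PASS'
            $reason = 'Instance metadata service is disabled.'
        }
        elseif ($endpoint -eq 'enabled' -and $tokens -eq 'required') {
            $status = 'PASS'
            $reason = 'Metadata endpoint is enabled and IMDSv2 is required.'
        }
        else {
            # http_tokens=optional, or no metadata options set at all.
            $status = 'FAIL'
            $reason = 'IMDSv2 is not enforced; legacy metadata access is possible.'
        }

        [PSCustomObject]@{
            LaunchConfiguration = $LaunchConfiguration.LaunchConfigurationName
            Status              = $status
            Reason              = $reason
        }
    }
}

# Constructed sample input covering each branch (not real resources).
$sample = @(
    [PSCustomObject]@{ LaunchConfigurationName = 'lc-imdsv2';   MetadataOptions = [PSCustomObject]@{ HttpEndpoint = 'enabled';  HttpTokens = 'required' } }
    [PSCustomObject]@{ LaunchConfigurationName = 'lc-optional'; MetadataOptions = [PSCustomObject]@{ HttpEndpoint = 'enabled';  HttpTokens = 'optional' } }
    [PSCustomObject]@{ LaunchConfigurationName = 'lc-disabled'; MetadataOptions = [PSCustomObject]@{ HttpEndpoint = 'disabled'; HttpTokens = 'optional' } }
    [PSCustomObject]@{ LaunchConfigurationName = 'lc-legacy';   MetadataOptions = $null }
)
$sample | Get-LaunchConfigurationImdsStatus | Format-Table -AutoSize
```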