Guided Lab: Exploring Instance Metadata
Description
Instance metadata is a service provided by AWS that allows EC2 instances to access data about themselves. This data can be used to configure or manage the running instance. It’s divided into categories, such as host name, events, and security groups.
You can also use instance metadata to access user data that you specified when launching your instance. For example, you can specify parameters for configuring your instance, or include a simple script. You can build generic Amazon Machine Images (AMIs) and use user data to modify the configuration files supplied at launch time.
Although you can only access instance metadata and user data from within the instance itself, the data is not protected by authentication or cryptographic methods. Therefore, you should not store sensitive data, such as passwords or long-lived encryption keys, as user data.
Prerequisites
This lab assumes you have experience creating EC2 instances and are familiar with their basic components.
If you find any gaps in your knowledge, consider taking the following labs:
- Creating an Amazon EC2 instance (Linux)
Objectives
In this lab, you will:
- Understand the concept of instance metadata
- Learn how to retrieve instance metadata.
Lab Steps
Creating a Launch template
Create two EC2 instances using the following configurations:
- Name:
- Instance type: t2.micro
- AMI: Ubuntu
- Key pair: Create a new Key Pair
  - Key Pair name: MyKeyPair
  - Key Pair Type: RSA
  - Private key file format: .pem
  - Click Create key pair
- Network settings:
  - Allow SSH traffic from: My IP
Review your instance configurations and click the “Launch Instance” button.
Connect to the Instance
1. After launching an instance, it may take a few minutes for it to be ready for connection.
2. Find the public DNS name or IP address of your instance to connect to it.
3. Ensure that an SSH client is installed on your local computer by typing “ssh” in the command line. If the command is not recognized, install an SSH client.
4. To connect to your instance using SSH, open a terminal and use the SSH command. Specify the path and file name of the private key (.pem), the username for your instance, and the public DNS name or IPv6 address for your instance.
ssh -i "path_to_your_key.pem" ubuntu@your-instance-public-dns
Access Instance Metadata
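Once you’re connected to the instance, you can access the instance metadata. Most cloud providers make this available at a specific IP address. For example, on AWS, you can use the following command, which first requests a session token with a PUT request and then sends that token in a header with the metadata request: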
TOKEN=`curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600"` \
&& curl -H "X-aws-ec2-metadata-token: $TOKEN" -v http://169.254.169.254/latest/meta-data/
This will return a list of available metadata categories.
Explore Different Metadata Categories
You can explore different metadata categories, such as ami-id, hostname, public-keys, etc., by appending the category name to the end of the URL. For example, to get the instance’s public hostname on AWS, you can use:
TOKEN=`curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600"` && curl -H "X-aws-ec2-metadata-token: $TOKEN" -v http://169.254.169.254/latest/meta-data/public-hostname
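The token request used in the commands above, together with the Description's warning about user data, can be turned into a small audit script run on the instance. This is an added example, not part of the original lab; the function names, the `audit` argument and the secret-matching pattern are assumptions chosen for illustration.

```bash
#!/bin/sh
# Added example (not from the original lab): audit helpers for instance metadata.
IMDS_BASE="${IMDS_BASE:-http://169.254.169.254/latest}"

# Request a session token; the TTL is in seconds (1 to 21600).
imds_token() {
  curl -sf --max-time 2 -X PUT "$IMDS_BASE/api/token" \
    -H "X-aws-ec2-metadata-token-ttl-seconds: ${1:-21600}"
}

# Fetch one path with a token, e.g. "meta-data/ami-id" or "user-data".
imds_get() {  # usage: imds_get TOKEN PATH
  curl -sf --max-time 2 -H "X-aws-ec2-metadata-token: $1" "$IMDS_BASE/$2"
}

# Report whether requests without a token are still answered.
# 401 means the instance only accepts token-based requests.
imds_v1_status() {
  code=$(curl -s -o /dev/null --max-time 2 -w '%{http_code}' \
    "$IMDS_BASE/meta-data/") || true
  case $code in
    200) echo "IMDSv1 allowed" ;;
    401) echo "IMDSv2 required" ;;
    *)   echo "unknown ($code)" ;;
  esac
}

# Count user-data lines that look like secrets. The pattern is a rough
# heuristic (an assumption), not a complete secret scanner.
userdata_secret_hints() {  # usage: userdata_secret_hints TOKEN
  imds_get "$1" user-data 2>/dev/null |
    grep -Eic 'passw(or)?d|secret|api[_-]?key|BEGIN [A-Z ]*PRIVATE KEY' || true
}

# Run the checks only when invoked as: sh script.sh audit
if [ "${1:-}" = "audit" ]; then
  imds_v1_status
  token=$(imds_token 60) || { echo "no token (not on EC2?)" >&2; exit 1; }
  echo "secret-looking lines in user data: $(userdata_secret_hints "$token")"
fi
```

A result of "IMDSv1 allowed" means the instance also answers plain GET requests that carry no token; a non-zero count means the user data should be reviewed for credentials that belong in a secrets store instead.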
Congratulations! You’ve successfully explored Instance Metadata. You can explore more about Instance Metadata from here as you like. Happy exploring!