Add support for .NET 9 and support for disabling IMDS v1 for Beanstal…

…k recipes The support for disabling IMDS v1 provides a mechanism for transitions EC2 Launch Configuration to Launch Templates
aws · Oct 20, 2024 · 7bf06e5 · 7bf06e5
1 parent 31b8aed
commit 7bf06e5
Show file tree

Hide file tree

Showing 30 changed files with 144 additions and 26 deletions.
diff --git a/.autover/changes/07AEC2AC-0C7B-4C60-9EAF-C92E6A805559.json b/.autover/changes/07AEC2AC-0C7B-4C60-9EAF-C92E6A805559.json
@@ -0,0 +1,13 @@
+{
+  "Projects": [
+    {
+      "Name": "AWS.Deploy.CLI",
+      "Type": "Minor",
+      "ChangelogMessages": [
+        "Added support for .NET 9 in deployment recipes.",
+		"Added ability to configure EC2 IMDSv1 access for the Windows and Linux Elastic Beanstalk recipes.",
+		"Support Elastic Beanstalk's transition to using EC2 Launch Templates from the deprecated Launch Configuration."
+      ]
+    }
+  ]
+}
diff --git a/...content/docs/cicd/recipes/ASP.NET Core App to AWS Elastic Beanstalk on Linux.md b/...content/docs/cicd/recipes/ASP.NET Core App to AWS Elastic Beanstalk on Linux.md
@@ -34,6 +34,10 @@
     * ID: InstanceType
     * Description: The EC2 instance type of the EC2 instances created for the environment.
     * Type: String
+* **Access to IMDS v1**
+    * ID: IMDSv1Access
+    * Description: Access to IMDS v1; Default means new deployments will disable IMDSv1, redeployments leave the setting at its current value.
+    * Type: String
 * **Environment Type**
     * ID: EnvironmentType
     * Description: The type of environment to create; for example, a single instance for development work or load balanced for production.

diff --git a/...ntent/docs/cicd/recipes/ASP.NET Core App to AWS Elastic Beanstalk on Windows.md b/...ntent/docs/cicd/recipes/ASP.NET Core App to AWS Elastic Beanstalk on Windows.md
@@ -29,6 +29,10 @@
     * ID: InstanceType
     * Description: The EC2 instance type of the EC2 instances created for the environment.
     * Type: String
+* **Access to IMDS v1**
+    * ID: IMDSv1Access
+    * Description: Access to IMDS v1; Default means new deployments will disable IMDSv1, redeployments leave the setting at its current value.
+    * Type: String
 * **Environment Type**
     * ID: EnvironmentType
     * Description: The type of environment to create; for example, a single instance for development work or load balanced for production.

diff --git a/src/AWS.Deploy.DockerEngine/Properties/DockerFileConfig.json b/src/AWS.Deploy.DockerEngine/Properties/DockerFileConfig.json
@@ -2,11 +2,17 @@
     {
         "SdkType": "Microsoft.NET.Sdk.Web",
         "ImageMapping": [
+            {
+                "TargetFramework": "net9.0",
+                "BaseImage": "mcr.microsoft.com/dotnet/aspnet:9.0",
+                "BuildImage": "mcr.microsoft.com/dotnet/sdk:9.0"
+            },
             {
                 "TargetFramework": "net8.0",
                 "BaseImage": "mcr.microsoft.com/dotnet/aspnet:8.0",
                 "BuildImage": "mcr.microsoft.com/dotnet/sdk:8.0"
-            },            {
+            },
+            {
                 "TargetFramework": "net7.0",
                 "BaseImage": "mcr.microsoft.com/dotnet/aspnet:7.0",
                 "BuildImage": "mcr.microsoft.com/dotnet/sdk:7.0"
@@ -31,11 +37,16 @@
     {
         "SdkType": "Microsoft.NET.Sdk",
         "ImageMapping": [
+            {
+                "TargetFramework": "net9.0",
+                "BaseImage": "mcr.microsoft.com/dotnet/runtime:9.0",
+                "BuildImage": "mcr.microsoft.com/dotnet/sdk:9.0"
+            },
             {
                 "TargetFramework": "net8.0",
                 "BaseImage": "mcr.microsoft.com/dotnet/runtime:8.0",
                 "BuildImage": "mcr.microsoft.com/dotnet/sdk:8.0"
-            },            
+            },
             {
                 "TargetFramework": "net7.0",
                 "BaseImage": "mcr.microsoft.com/dotnet/runtime:7.0",

diff --git a/src/AWS.Deploy.Orchestration/CdkAppSettingsSerializer.cs b/src/AWS.Deploy.Orchestration/CdkAppSettingsSerializer.cs
@@ -53,7 +53,8 @@ public string Build(CloudApplication cloudApplication, Recommendation recommenda
                 ECRRepositoryName = recommendation.DeploymentBundle.ECRRepositoryName ?? "",
                 ECRImageTag = recommendation.DeploymentBundle.ECRImageTag ?? "",
                 DotnetPublishZipPath = recommendation.DeploymentBundle.DotnetPublishZipPath ?? "",
-                DotnetPublishOutputDirectory = recommendation.DeploymentBundle.DotnetPublishOutputDirectory ?? ""
+                DotnetPublishOutputDirectory = recommendation.DeploymentBundle.DotnetPublishOutputDirectory ?? "",
+                NewDeployment = !recommendation.IsExistingCloudApplication
             };
 
             // Persist deployment bundle settings

diff --git a/src/AWS.Deploy.Orchestration/DeploymentBundleHandler.cs b/src/AWS.Deploy.Orchestration/DeploymentBundleHandler.cs
@@ -133,9 +133,9 @@ private void SwitchToSelfContainedBuildIfNeeded(Recommendation recommendation)
                 if (string.IsNullOrEmpty(targetFramework))
                     return;
 
-                // Elastic Beanstalk doesn't currently have .NET 7 preinstalled.
-                var unavailableFramework = new List<string> { "net7.0" };
-                var frameworkNames = new Dictionary<string, string> { { "net7.0", ".NET 7" } };
+                // Elastic Beanstalk doesn't currently have .NET 7 and 9 preinstalled.
+                var unavailableFramework = new List<string> { "net7.0", "net9.0" };
+                var frameworkNames = new Dictionary<string, string> { { "net7.0", ".NET 7" }, { "net9.0", ".NET 9" } };
                 if (unavailableFramework.Contains(targetFramework))
                 {
                     _interactiveService.LogInfoMessage($"Using self-contained publish since AWS Elastic Beanstalk does not currently have {frameworkNames[targetFramework]} preinstalled");

diff --git a/src/AWS.Deploy.Recipes.CDK.Common/AWS.Deploy.Recipes.CDK.Common.csproj b/src/AWS.Deploy.Recipes.CDK.Common/AWS.Deploy.Recipes.CDK.Common.csproj
@@ -15,7 +15,7 @@
 
   <ItemGroup>
     <PackageReference Include="Amazon.CDK.Lib" Version="2.155.0" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="6.0.0" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="8.0.1" />
   </ItemGroup>
 
   <ItemGroup>

diff --git a/src/AWS.Deploy.Recipes.CDK.Common/RecipeProps.cs b/src/AWS.Deploy.Recipes.CDK.Common/RecipeProps.cs
@@ -70,6 +70,11 @@ public interface IRecipeProps<T>
         /// The account ID used during deployment.
         /// </summary>
         string? AWSAccountId { get; set; }
+
+        /// <summary>
+        /// True if the recipe is doing a new deployment.
+        /// </summary>
+        bool NewDeployment { get; set; }
     }
 
     /// <summary>
@@ -138,6 +143,11 @@ public class RecipeProps<T> : IRecipeProps<T>
         /// </summary>
         public string? AWSAccountId { get; set; }
 
+        /// <summary>
+        /// True if the recipe is doing a redeployment.
+        /// </summary>
+        public bool NewDeployment { get; set; } = false;
+
         /// A parameterless constructor is needed for <see cref="Microsoft.Extensions.Configuration.ConfigurationBuilder"/>
         /// or the classes will fail to initialize.
         /// The warnings are disabled since a parameterless constructor will allow non-nullable properties to be initialized with null values.

diff --git a/src/AWS.Deploy.Recipes/CdkTemplates/AspNetAppAppRunner/AspNetAppAppRunner.csproj b/src/AWS.Deploy.Recipes/CdkTemplates/AspNetAppAppRunner/AspNetAppAppRunner.csproj
@@ -25,7 +25,7 @@
   <ItemGroup>
     <!-- CDK Construct Library dependencies -->
     <PackageReference Include="Amazon.CDK.Lib" Version="2.155.0" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="6.0.0" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="8.0.1" />
 
     <!-- jsii Roslyn analyzers (un-comment to obtain compile-time checks for missing required props
     <PackageReference Include="Amazon.Jsii.Analyzers" Version="*" PrivateAssets="all" />

diff --git a/src/AWS.Deploy.Recipes/CdkTemplates/AspNetAppEcsFargate/AspNetAppEcsFargate.csproj b/src/AWS.Deploy.Recipes/CdkTemplates/AspNetAppEcsFargate/AspNetAppEcsFargate.csproj
@@ -25,7 +25,7 @@
   <ItemGroup>
     <!-- CDK Construct Library dependencies -->
     <PackageReference Include="Amazon.CDK.Lib" Version="2.155.0" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="6.0.0" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="8.0.1" />
 
     <!-- jsii Roslyn analyzers (un-comment to obtain compile-time checks for missing required props
     <PackageReference Include="Amazon.Jsii.Analyzers" Version="*" PrivateAssets="all" />

diff --git a/...Recipes/CdkTemplates/AspNetAppElasticBeanstalkLinux/AspNetAppElasticBeanstalkLinux.csproj b/...Recipes/CdkTemplates/AspNetAppElasticBeanstalkLinux/AspNetAppElasticBeanstalkLinux.csproj
@@ -27,7 +27,7 @@
     <PackageReference Include="Amazon.CDK.Lib" Version="2.155.0" />
 
     <PackageReference Include="AWSSDK.ElasticBeanstalk" Version="3.7.200.42" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="6.0.0" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="8.0.1" />
 
     <!-- jsii Roslyn analyzers (un-comment to obtain compile-time checks for missing required props
     <PackageReference Include="Amazon.Jsii.Analyzers" Version="*" PrivateAssets="all" />

diff --git a/...pes/CdkTemplates/AspNetAppElasticBeanstalkLinux/Generated/Configurations/Configuration.cs b/...pes/CdkTemplates/AspNetAppElasticBeanstalkLinux/Generated/Configurations/Configuration.cs
@@ -43,6 +43,11 @@ public partial class Configuration
         /// </summary>
         public BeanstalkApplicationConfiguration BeanstalkApplication { get; set; }
 
+        /// <summary>
+        /// Control of IMDS v1 accessibility.
+        /// </summary>
+        public string IMDSv1Access { get; set; } = Recipe.IMDS_V1_DEFAULT;
+
         /// <summary>
         /// The name of an Elastic Beanstalk solution stack (platform version) to use with the environment.
         /// </summary>

diff --git a/src/AWS.Deploy.Recipes/CdkTemplates/AspNetAppElasticBeanstalkLinux/Generated/Recipe.cs b/src/AWS.Deploy.Recipes/CdkTemplates/AspNetAppElasticBeanstalkLinux/Generated/Recipe.cs
@@ -33,6 +33,10 @@ public class Recipe : Construct
         public const string LOADBALANCERTYPE_APPLICATION = "application";
         public const string LOADBALANCERSCHEME_PUBLIC = "public";
 
+        public const string IMDS_V1_DEFAULT = "Default";
+        public const string IMDS_V1_DISABLED = "Disabled";
+        public const string IMDS_V1_ENABLED = "Enabled";
+
         public const string REVERSEPROXY_NGINX = "nginx";
 
         public const string ENHANCED_HEALTH_REPORTING = "enhanced";
@@ -74,7 +78,7 @@ public Recipe(Construct scope, IRecipeProps<Configuration> props)
             ConfigureVpc(settings);
             ConfigureIAM(settings);
             var beanstalkApplicationName = ConfigureApplication(settings);
-            ConfigureBeanstalkEnvironment(settings, beanstalkApplicationName);
+            ConfigureBeanstalkEnvironment(props.NewDeployment, settings, beanstalkApplicationName);
         }
 
         private void ConfigureVpc(Configuration settings)
@@ -200,7 +204,7 @@ private string ConfigureApplication(Configuration settings)
             return beanstalkApplicationName;
         }
 
-        private void ConfigureBeanstalkEnvironment(Configuration settings, string beanstalkApplicationName)
+        private void ConfigureBeanstalkEnvironment(bool newDeployment, Configuration settings, string beanstalkApplicationName)
         {
             if (Ec2InstanceProfile == null)
                 throw new InvalidOperationException($"{nameof(Ec2InstanceProfile)} has not been set. The {nameof(ConfigureIAM)} method should be called before {nameof(ConfigureBeanstalkEnvironment)}");
@@ -238,6 +242,18 @@ private void ConfigureBeanstalkEnvironment(Configuration settings, string beanst
                    }
                 };
 
+            if (newDeployment ||
+                (!newDeployment && !string.Equals(settings.IMDSv1Access, IMDS_V1_DEFAULT, StringComparison.InvariantCultureIgnoreCase)))
+            {
+                var computedDisableIMDSv1 = string.Equals(settings.IMDSv1Access, IMDS_V1_ENABLED, StringComparison.InvariantCultureIgnoreCase) ? "false" : "true";
+                optionSettingProperties.Add(new CfnEnvironment.OptionSettingProperty
+                {
+                    Namespace = "aws:autoscaling:launchconfiguration",
+                    OptionName = "DisableIMDSv1",
+                    Value = computedDisableIMDSv1
+                });
+            }
+
             if (!string.IsNullOrEmpty(settings.InstanceType))
             {
                 optionSettingProperties.Add(new CfnEnvironment.OptionSettingProperty

diff --git a/...pes/CdkTemplates/AspNetAppElasticBeanstalkWindows/AspNetAppElasticBeanstalkWindows.csproj b/...pes/CdkTemplates/AspNetAppElasticBeanstalkWindows/AspNetAppElasticBeanstalkWindows.csproj
@@ -27,7 +27,7 @@
     <PackageReference Include="Amazon.CDK.Lib" Version="2.155.0" />
 
     <PackageReference Include="AWSSDK.ElasticBeanstalk" Version="3.7.200.42" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="6.0.0" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="8.0.1" />
 
     <!-- jsii Roslyn analyzers (un-comment to obtain compile-time checks for missing required props
     <PackageReference Include="Amazon.Jsii.Analyzers" Version="*" PrivateAssets="all" />

diff --git a/...s/CdkTemplates/AspNetAppElasticBeanstalkWindows/Generated/Configurations/Configuration.cs b/...s/CdkTemplates/AspNetAppElasticBeanstalkWindows/Generated/Configurations/Configuration.cs
@@ -43,6 +43,11 @@ public partial class Configuration
         /// </summary>
         public BeanstalkApplicationConfiguration BeanstalkApplication { get; set; }
 
+        /// <summary>
+        /// Control of IMDS v1 accessibility.
+        /// </summary>
+        public string IMDSv1Access { get; set; } = Recipe.IMDS_V1_DEFAULT;
+
         /// <summary>
         /// The name of an Elastic Beanstalk solution stack (platform version) to use with the environment.
         /// </summary>

diff --git a/src/AWS.Deploy.Recipes/CdkTemplates/AspNetAppElasticBeanstalkWindows/Generated/Recipe.cs b/src/AWS.Deploy.Recipes/CdkTemplates/AspNetAppElasticBeanstalkWindows/Generated/Recipe.cs
@@ -33,6 +33,10 @@ public class Recipe : Construct
         public const string LOADBALANCERTYPE_APPLICATION = "application";
         public const string LOADBALANCERSCHEME_PUBLIC = "public";
 
+        public const string IMDS_V1_DEFAULT = "Default";
+        public const string IMDS_V1_DISABLED = "Disabled";
+        public const string IMDS_V1_ENABLED = "Enabled";
+
         public const string REVERSEPROXY_NGINX = "nginx";
 
         public const string ENHANCED_HEALTH_REPORTING = "enhanced";
@@ -74,7 +78,7 @@ public Recipe(Construct scope, IRecipeProps<Configuration> props)
             ConfigureVpc(settings);
             ConfigureIAM(settings);
             var beanstalkApplicationName = ConfigureApplication(settings);
-            ConfigureBeanstalkEnvironment(settings, beanstalkApplicationName);
+            ConfigureBeanstalkEnvironment(props.NewDeployment, settings, beanstalkApplicationName);
         }
 
         private void ConfigureVpc(Configuration settings)
@@ -200,7 +204,7 @@ private string ConfigureApplication(Configuration settings)
             return beanstalkApplicationName;
         }
 
-        private void ConfigureBeanstalkEnvironment(Configuration settings, string beanstalkApplicationName)
+        private void ConfigureBeanstalkEnvironment(bool newDeployment, Configuration settings, string beanstalkApplicationName)
         {
             if (Ec2InstanceProfile == null)
                 throw new InvalidOperationException($"{nameof(Ec2InstanceProfile)} has not been set. The {nameof(ConfigureIAM)} method should be called before {nameof(ConfigureBeanstalkEnvironment)}");
@@ -238,6 +242,18 @@ private void ConfigureBeanstalkEnvironment(Configuration settings, string beanst
                    }
                 };
 
+            if (newDeployment ||
+                (!newDeployment && !string.Equals(settings.IMDSv1Access, IMDS_V1_DEFAULT, StringComparison.InvariantCultureIgnoreCase)))
+            {
+                var computedDisableIMDSv1 = string.Equals(settings.IMDSv1Access, IMDS_V1_ENABLED, StringComparison.InvariantCultureIgnoreCase) ? "false" : "true";
+                optionSettingProperties.Add(new CfnEnvironment.OptionSettingProperty
+                {
+                    Namespace = "aws:autoscaling:launchconfiguration",
+                    OptionName = "DisableIMDSv1",
+                    Value = computedDisableIMDSv1
+                });
+            }
+
             if (!string.IsNullOrEmpty(settings.InstanceType))
             {
                 optionSettingProperties.Add(new CfnEnvironment.OptionSettingProperty

diff --git a/src/AWS.Deploy.Recipes/CdkTemplates/BlazorWasm/BlazorWasm.csproj b/src/AWS.Deploy.Recipes/CdkTemplates/BlazorWasm/BlazorWasm.csproj
@@ -25,7 +25,7 @@
   <ItemGroup>
     <!-- CDK Construct Library dependencies -->
     <PackageReference Include="Amazon.CDK.Lib" Version="2.155.0" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="6.0.0" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="8.0.1" />
 
     <!-- jsii Roslyn analyzers (un-comment to obtain compile-time checks for missing required props
     <PackageReference Include="Amazon.Jsii.Analyzers" Version="*" PrivateAssets="all" />

diff --git a/...pes/CdkTemplates/ConsoleAppECSFargateScheduleTask/ConsoleAppECSFargateScheduleTask.csproj b/...pes/CdkTemplates/ConsoleAppECSFargateScheduleTask/ConsoleAppECSFargateScheduleTask.csproj
@@ -25,7 +25,7 @@
   <ItemGroup>
     <!-- CDK Construct Library dependencies -->
     <PackageReference Include="Amazon.CDK.Lib" Version="2.155.0" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="6.0.0" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="8.0.1" />
 
     <!-- jsii Roslyn analyzers (un-comment to obtain compile-time checks for missing required props
     <PackageReference Include="Amazon.Jsii.Analyzers" Version="*" PrivateAssets="all" />

diff --git a/...eploy.Recipes/CdkTemplates/ConsoleAppECSFargateService/ConsoleAppEcsFargateService.csproj b/...eploy.Recipes/CdkTemplates/ConsoleAppECSFargateService/ConsoleAppEcsFargateService.csproj
@@ -25,7 +25,7 @@
   <ItemGroup>
     <!-- CDK Construct Library dependencies -->
     <PackageReference Include="Amazon.CDK.Lib" Version="2.155.0" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="6.0.0" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="8.0.1" />
 
     <!-- jsii Roslyn analyzers (un-comment to obtain compile-time checks for missing required props
     <PackageReference Include="Amazon.Jsii.Analyzers" Version="*" PrivateAssets="all" />

diff --git a/src/AWS.Deploy.Recipes/RecipeDefinitions/ASP.NETAppAppRunner.recipe b/src/AWS.Deploy.Recipes/RecipeDefinitions/ASP.NETAppAppRunner.recipe
@@ -33,7 +33,7 @@
                     "Type": "MSProperty",
                     "Condition": {
                         "PropertyName": "TargetFramework",
-                        "AllowedValues": [ "netcoreapp3.1", "net5.0", "net6.0", "net7.0", "net8.0" ]
+                        "AllowedValues": [ "netcoreapp3.1", "net5.0", "net6.0", "net7.0", "net8.0", "net9.0" ]
                     }
                 }
             ]

diff --git a/src/AWS.Deploy.Recipes/RecipeDefinitions/ASP.NETAppECSFargate.recipe b/src/AWS.Deploy.Recipes/RecipeDefinitions/ASP.NETAppECSFargate.recipe
@@ -41,7 +41,7 @@
                     "Type": "MSProperty",
                     "Condition": {
                         "PropertyName": "TargetFramework",
-                        "AllowedValues": [ "netcoreapp3.1", "net5.0", "net6.0", "net7.0", "net8.0" ]
+                        "AllowedValues": [ "netcoreapp3.1", "net5.0", "net6.0", "net7.0", "net8.0", "net9.0" ]
                     }
                 }
             ]

diff --git a/src/AWS.Deploy.Recipes/RecipeDefinitions/ASP.NETAppElasticBeanstalkLinux.recipe b/src/AWS.Deploy.Recipes/RecipeDefinitions/ASP.NETAppElasticBeanstalkLinux.recipe
@@ -33,7 +33,7 @@
                     "Type": "MSProperty",
                     "Condition": {
                         "PropertyName": "TargetFramework",
-                        "AllowedValues": [ "netcoreapp3.1", "net5.0", "net6.0", "net7.0", "net8.0" ]
+                        "AllowedValues": [ "netcoreapp3.1", "net5.0", "net6.0", "net7.0", "net8.0", "net9.0" ]
                     }
                 }
             ],
@@ -263,6 +263,21 @@
                 }
             ]
         },
+        {
+            "Id": "IMDSv1Access",
+            "Name": "Access to IMDS v1",
+            "Category": "Compute",
+            "Description": "Access to IMDS v1; Default means new deployments will disable IMDSv1, redeployments leave the setting at its current value.",
+            "Type": "String",
+            "DefaultValue": "Default",
+            "AllowedValues": [
+                "Default",
+                "Disabled",
+                "Enabled"
+            ],
+            "AdvancedSetting": false,
+            "Updatable": true
+        },
         {
             "Id": "EnvironmentType",
             "Name": "Environment Type",

diff --git a/src/AWS.Deploy.Recipes/RecipeDefinitions/ASP.NETAppElasticBeanstalkWindows.recipe b/src/AWS.Deploy.Recipes/RecipeDefinitions/ASP.NETAppElasticBeanstalkWindows.recipe
@@ -33,7 +33,7 @@
                     "Type": "MSProperty",
                     "Condition": {
                         "PropertyName": "TargetFramework",
-                        "AllowedValues": [ "netcoreapp3.1", "net5.0", "net6.0", "net7.0", "net8.0" ]
+                        "AllowedValues": [ "netcoreapp3.1", "net5.0", "net6.0", "net7.0", "net8.0", "net9.0" ]
                     }
                 }
             ],
@@ -251,6 +251,21 @@
                 }
             ]
         },
+        {
+            "Id": "IMDSv1Access",
+            "Name": "Access to IMDS v1",
+            "Category": "Compute",
+            "Description": "Access to IMDS v1; Default means new deployments will disable IMDSv1, redeployments leave the setting at its current value.",
+            "Type": "String",
+            "DefaultValue": "Default",
+            "AllowedValues": [
+                "Default",
+                "Disabled",
+                "Enabled"
+            ],
+            "AdvancedSetting": false,
+            "Updatable": true
+        },
         {
             "Id": "EnvironmentType",
             "Name": "Environment Type",