ambiser
/
openvidu
mirror of https://github.com/OpenVidu/openvidu.git
8
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

openvidu-deployment: single-node pro - Remove letsencrypt email and use sslip.io if domain is not defined.

master
cruizba 2025-09-02 17:01:11 +02:00
parent 8f0db18c4b
commit e3cd657c97
1 changed files with 66 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

113
openvidu-deployment/pro/singlenode/aws/cf-openvidu-singlenode.yaml
View File

@ -5,17 +5,17 @@ Parameters:
CertificateType: CertificateType:
Description: | Description: |
[selfsigned] Not recommended for production use. If you don't have a FQDN, (DomainName parameter) you can use this option to generate a self-signed certificate. [selfsigned] Not recommended for production use. Just for testing purposes or development environments.
[owncert] Valid for productions environments. If you have a FQDN, (DomainName parameter) [owncert] Valid for productions environments. If you don't have a FQDN, sslip.io will be used.
and an Elastic IP, you can use this option to use your own certificate. and an Elastic IP, you can use this option to use your own certificate.
[letsencrypt] Valid for production environments. If you have a FQDN, (DomainName parameter) [letsencrypt] Valid for production environments. If you have a FQDN, (DomainName parameter)
and an Elastic IP, you can use this option to generate a Let's Encrypt certificate. and an Elastic IP, you can use this option to generate a Let's Encrypt certificate.
Type: String Type: String
AllowedValues: AllowedValues:
- selfsigned - selfsigned
- owncert
- letsencrypt - letsencrypt
Default: selfsigned - owncert
Default: letsencrypt
PublicElasticIP: PublicElasticIP:
Type: String Type: String
@ -37,10 +37,6 @@ Parameters:
Description: "If certificate type is 'owncert', this parameter will be used to specify the private certificate" Description: "If certificate type is 'owncert', this parameter will be used to specify the private certificate"
Type: String Type: String
LetsEncryptEmail:
Description: "If certificate type is 'letsencrypt', this email will be used for Let's Encrypt notifications"
Type: String
AdditionalInstallFlags: AdditionalInstallFlags:
Description: Additional optional flags to pass to the OpenVidu installer (comma-separated, e.g., "--flag1=value, --flag2"). Description: Additional optional flags to pass to the OpenVidu installer (comma-separated, e.g., "--flag1=value, --flag2").
Type: String Type: String
@ -223,6 +219,15 @@ Parameters:
Metadata: Metadata:
'AWS::CloudFormation::Interface': 'AWS::CloudFormation::Interface':
ParameterGroups: ParameterGroups:
- Label:
default: SSH Access configuration
Parameters:
- KeyName
- Label:
default: OpenVidu Single Node PRO configuration
Parameters:
- OpenViduLicense
- RTCEngine
- Label: - Label:
default: Domain and SSL certificate configuration default: Domain and SSL certificate configuration
Parameters: Parameters:
@ -231,17 +236,10 @@ Metadata:
- DomainName - DomainName
- OwnPublicCertificate - OwnPublicCertificate
- OwnPrivateCertificate - OwnPrivateCertificate
- LetsEncryptEmail
- Label:
default: OpenVidu Single Node PRO configuration
Parameters:
- OpenViduLicense
- RTCEngine
- Label: - Label:
default: EC2 Instance configuration default: EC2 Instance configuration
Parameters: Parameters:
- InstanceType - InstanceType
- KeyName
- AmiId - AmiId
- Label: - Label:
default: S3 bucket for application data and recordings default: S3 bucket for application data and recordings
@ -260,6 +258,7 @@ Metadata:
Conditions: Conditions:
PublicElasticIPPresent: !Not [ !Equals [!Ref PublicElasticIP, ""] ] PublicElasticIPPresent: !Not [ !Equals [!Ref PublicElasticIP, ""] ]
PublicElasticIPAbsent: !Equals [!Ref PublicElasticIP, ""]
CreateRecordingsBucket: !Equals [!Ref S3AppDataBucketName, ""] CreateRecordingsBucket: !Equals [!Ref S3AppDataBucketName, ""]
Resources: Resources:
@ -273,29 +272,30 @@ Resources:
Description: Secret for OpenVidu to store deployment info and seed secrets Description: Secret for OpenVidu to store deployment info and seed secrets
SecretString: | SecretString: |
{ {
"OPENVIDU_URL": "none",
"MEET_INITIAL_ADMIN_USER": "none",
"MEET_INITIAL_ADMIN_PASSWORD": "none",
"MEET_INITIAL_API_KEY": "none",
"LIVEKIT_URL": "none",
"LIVEKIT_API_KEY": "none",
"LIVEKIT_API_SECRET": "none",
"DASHBOARD_URL": "none",
"GRAFANA_URL": "none",
"MINIO_URL": "none",
"DOMAIN_NAME": "none", "DOMAIN_NAME": "none",
"LIVEKIT_TURN_DOMAIN_NAME": "none", "LIVEKIT_TURN_DOMAIN_NAME": "none",
"LETSENCRYPT_EMAIL": "none",
"OPENVIDU_PRO_LICENSE": "none", "OPENVIDU_PRO_LICENSE": "none",
"OPENVIDU_RTC_ENGINE": "none", "OPENVIDU_RTC_ENGINE": "none",
"REDIS_PASSWORD": "none", "REDIS_PASSWORD": "none",
"MONGO_ADMIN_USERNAME": "none", "MONGO_ADMIN_USERNAME": "none",
"MONGO_ADMIN_PASSWORD": "none", "MONGO_ADMIN_PASSWORD": "none",
"MONGO_REPLICA_SET_KEY": "none", "MONGO_REPLICA_SET_KEY": "none",
"MINIO_URL": "none",
"MINIO_ACCESS_KEY": "none", "MINIO_ACCESS_KEY": "none",
"MINIO_SECRET_KEY": "none", "MINIO_SECRET_KEY": "none",
"DASHBOARD_URL": "none",
"DASHBOARD_ADMIN_USERNAME": "none", "DASHBOARD_ADMIN_USERNAME": "none",
"DASHBOARD_ADMIN_PASSWORD": "none", "DASHBOARD_ADMIN_PASSWORD": "none",
"GRAFANA_URL": "none",
"GRAFANA_ADMIN_USERNAME": "none", "GRAFANA_ADMIN_USERNAME": "none",
"GRAFANA_ADMIN_PASSWORD": "none", "GRAFANA_ADMIN_PASSWORD": "none",
"LIVEKIT_API_KEY": "none",
"LIVEKIT_API_SECRET": "none",
"MEET_INITIAL_ADMIN_USER": "none",
"MEET_INITIAL_ADMIN_PASSWORD": "none",
"MEET_INITIAL_API_KEY": "none",
"ENABLED_MODULES": "none" "ENABLED_MODULES": "none"
} }
@ -397,11 +397,11 @@ Resources:
unzip \ unzip \
jq \ jq \
wget wget
wget https://github.com/mikefarah/yq/releases/download/${!YQ_VERSION}/yq_linux_amd64.tar.gz -O - |\ wget https://github.com/mikefarah/yq/releases/download/${!YQ_VERSION}/yq_linux_$(dpkg --print-architecture).tar.gz -O - |\
tar xz && mv yq_linux_amd64 /usr/bin/yq tar xz && mv yq_linux_$(dpkg --print-architecture) /usr/bin/yq
# Install aws-cli # Install aws-cli
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" curl "https://awscli.amazonaws.com/awscli-exe-linux-$(uname -m).zip" -o "awscliv2.zip"
unzip -qq awscliv2.zip unzip -qq awscliv2.zip
./aws/install ./aws/install
rm -rf awscliv2.zip aws rm -rf awscliv2.zip aws
@ -413,7 +413,10 @@ Resources:
if [[ "${DomainName}" == '' ]]; then if [[ "${DomainName}" == '' ]]; then
[ ! -d "/usr/share/openvidu" ] && mkdir -p /usr/share/openvidu [ ! -d "/usr/share/openvidu" ] && mkdir -p /usr/share/openvidu
PublicHostname=$(curl -s -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/public-hostname) PublicHostname=$(curl -s -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/public-hostname)
DOMAIN=$PublicHostname RANDOM_DOMAIN_STRING=$(tr -dc 'a-z' < /dev/urandom | head -c 8)
DOMAIN=openvidu-$RANDOM_DOMAIN_STRING-$(echo "$PublicHostname" | cut -d'.' -f1 | sed 's/^ec2-//').sslip.io
TURN_DOMAIN_NAME_SSLIP_IO="turn-$RANDOM_DOMAIN_STRING-$(echo "$PublicHostname" | cut -d'.' -f1 | sed 's/^ec2-//').sslip.io"
echo $RANDOM_DOMAIN_STRING > /usr/share/openvidu/random-domain-string
echo $PublicHostname > /usr/share/openvidu/old-host-name echo $PublicHostname > /usr/share/openvidu/old-host-name
else else
DOMAIN=${DomainName} DOMAIN=${DomainName}
@ -482,8 +485,12 @@ Resources:
done done
fi fi
# Turn with TLS if [[ "${!TURN_DOMAIN_NAME_SSLIP_IO}" != '' ]]; then
if [[ "${TurnDomainName}" != '' ]]; then LIVEKIT_TURN_DOMAIN_NAME=$(/usr/local/bin/store_secret.sh save LIVEKIT_TURN_DOMAIN_NAME "${!TURN_DOMAIN_NAME_SSLIP_IO}")
COMMON_ARGS+=(
"--turn-domain-name=$LIVEKIT_TURN_DOMAIN_NAME"
)
elif [[ "${TurnDomainName}" != '' ]]; then
LIVEKIT_TURN_DOMAIN_NAME=$(/usr/local/bin/store_secret.sh save LIVEKIT_TURN_DOMAIN_NAME "${TurnDomainName}") LIVEKIT_TURN_DOMAIN_NAME=$(/usr/local/bin/store_secret.sh save LIVEKIT_TURN_DOMAIN_NAME "${TurnDomainName}")
COMMON_ARGS+=( COMMON_ARGS+=(
"--turn-domain-name=$LIVEKIT_TURN_DOMAIN_NAME" "--turn-domain-name=$LIVEKIT_TURN_DOMAIN_NAME"
@ -496,10 +503,8 @@ Resources:
"--certificate-type=selfsigned" "--certificate-type=selfsigned"
) )
elif [[ "${CertificateType}" == "letsencrypt" ]]; then elif [[ "${CertificateType}" == "letsencrypt" ]]; then
LETSENCRYPT_EMAIL=$(/usr/local/bin/store_secret.sh save LETSENCRYPT_EMAIL "${LetsEncryptEmail}")
CERT_ARGS=( CERT_ARGS=(
"--certificate-type=letsencrypt" "--certificate-type=letsencrypt"
"--letsencrypt-email=$LETSENCRYPT_EMAIL"
) )
else else
# Download owncert files # Download owncert files
@ -585,18 +590,23 @@ Resources:
if [[ "${DomainName}" == '' ]]; then if [[ "${DomainName}" == '' ]]; then
PublicHostname=$(curl -s -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/public-hostname) PublicHostname=$(curl -s -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/public-hostname)
DOMAIN=$PublicHostname RANDOM_DOMAIN_STRING=$(cat /usr/share/openvidu/random-domain-string)
DOMAIN=openvidu-$RANDOM_DOMAIN_STRING-$(echo "$PublicHostname" | cut -d'.' -f1 | sed 's/^ec2-//').sslip.io
else else
DOMAIN=${DomainName} DOMAIN=${DomainName}
fi fi
# Generate URLs # Generate URLs
OPENVIDU_URL="https://${!DOMAIN}/"
LIVEKIT_URL="wss://${!DOMAIN}/"
DASHBOARD_URL="https://${!DOMAIN}/dashboard/" DASHBOARD_URL="https://${!DOMAIN}/dashboard/"
GRAFANA_URL="https://${!DOMAIN}/grafana/" GRAFANA_URL="https://${!DOMAIN}/grafana/"
MINIO_URL="https://${!DOMAIN}/minio-console/" MINIO_URL="https://${!DOMAIN}/minio-console/"
# Update shared secret # Update shared secret
SHARED_SECRET="$(echo "$SHARED_SECRET" | jq '. + {"DOMAIN_NAME": "'"$DOMAIN"'"}')" SHARED_SECRET="$(echo "$SHARED_SECRET" | jq '. + {"DOMAIN_NAME": "'"$DOMAIN"'"}')"
SHARED_SECRET="$(echo "$SHARED_SECRET" | jq '. + {"OPENVIDU_URL": "'"$OPENVIDU_URL"'" }')"
SHARED_SECRET="$(echo "$SHARED_SECRET" | jq '. + {"LIVEKIT_URL": "'"$LIVEKIT_URL"'" }')"
SHARED_SECRET="$(echo "$SHARED_SECRET" | jq '. + {"DASHBOARD_URL": "'"$DASHBOARD_URL"'" }')" SHARED_SECRET="$(echo "$SHARED_SECRET" | jq '. + {"DASHBOARD_URL": "'"$DASHBOARD_URL"'" }')"
SHARED_SECRET="$(echo "$SHARED_SECRET" | jq '. + {"GRAFANA_URL": "'"$GRAFANA_URL"'" }')" SHARED_SECRET="$(echo "$SHARED_SECRET" | jq '. + {"GRAFANA_URL": "'"$GRAFANA_URL"'" }')"
SHARED_SECRET="$(echo "$SHARED_SECRET" | jq '. + {"MINIO_URL": "'"$MINIO_URL"'" }')" SHARED_SECRET="$(echo "$SHARED_SECRET" | jq '. + {"MINIO_URL": "'"$MINIO_URL"'" }')"
@ -627,9 +637,10 @@ Resources:
# Replace DOMAIN_NAME # Replace DOMAIN_NAME
export DOMAIN=$(echo $SHARED_SECRET | jq -r .DOMAIN_NAME) export DOMAIN=$(echo $SHARED_SECRET | jq -r .DOMAIN_NAME)
if [[ $DOMAIN == *"compute.amazonaws.com"* ]] || [[ -z $DOMAIN ]]; then if [[ $DOMAIN == *"sslip.io"* ]] || [[ -z $DOMAIN ]]; then
PublicHostname=$(curl -s -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/public-hostname) PublicHostname=$(curl -s -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/public-hostname)
DOMAIN=$PublicHostname RANDOM_DOMAIN_STRING=$(cat /usr/share/openvidu/random-domain-string)
DOMAIN=openvidu-$RANDOM_DOMAIN_STRING-$(echo "$PublicHostname" | cut -d'.' -f1 | sed 's/^ec2-//').sslip.io
fi fi
if [[ -n "$DOMAIN" ]]; then if [[ -n "$DOMAIN" ]]; then
sed -i "s/DOMAIN_NAME=.*/DOMAIN_NAME=$DOMAIN/" "${!CONFIG_DIR}/openvidu.env" sed -i "s/DOMAIN_NAME=.*/DOMAIN_NAME=$DOMAIN/" "${!CONFIG_DIR}/openvidu.env"
@ -639,15 +650,15 @@ Resources:
# Replace LIVEKIT_TURN_DOMAIN_NAME # Replace LIVEKIT_TURN_DOMAIN_NAME
export LIVEKIT_TURN_DOMAIN_NAME=$(echo $SHARED_SECRET | jq -r .LIVEKIT_TURN_DOMAIN_NAME) export LIVEKIT_TURN_DOMAIN_NAME=$(echo $SHARED_SECRET | jq -r .LIVEKIT_TURN_DOMAIN_NAME)
if [[ $LIVEKIT_TURN_DOMAIN_NAME == *"sslip.io"* ]] || [[ -z $LIVEKIT_TURN_DOMAIN_NAME ]]; then
PublicHostname=$(curl -s -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/public-hostname)
RANDOM_DOMAIN_STRING=$(cat /usr/share/openvidu/random-domain-string)
LIVEKIT_TURN_DOMAIN_NAME="turn-$RANDOM_DOMAIN_STRING-$(echo "$PublicHostname" | cut -d'.' -f1 | sed 's/^ec2-//').sslip.io"
fi
if [[ -n "$LIVEKIT_TURN_DOMAIN_NAME" ]]; then if [[ -n "$LIVEKIT_TURN_DOMAIN_NAME" ]]; then
sed -i "s/LIVEKIT_TURN_DOMAIN_NAME=.*/LIVEKIT_TURN_DOMAIN_NAME=$LIVEKIT_TURN_DOMAIN_NAME/" "${!CONFIG_DIR}/openvidu.env" sed -i "s/LIVEKIT_TURN_DOMAIN_NAME=.*/LIVEKIT_TURN_DOMAIN_NAME=$LIVEKIT_TURN_DOMAIN_NAME/" "${!CONFIG_DIR}/openvidu.env"
fi fi
if [[ ${CertificateType} == "letsencrypt" ]]; then
export LETSENCRYPT_EMAIL=$(echo $SHARED_SECRET | jq -r .LETSENCRYPT_EMAIL)
sed -i "s/LETSENCRYPT_EMAIL=.*/LETSENCRYPT_EMAIL=$LETSENCRYPT_EMAIL/" "${!CONFIG_DIR}/openvidu.env"
fi
# Replace rest of the values # Replace rest of the values
sed -i "s/REDIS_PASSWORD=.*/REDIS_PASSWORD=$(echo $SHARED_SECRET | jq -r .REDIS_PASSWORD)/" "${!CONFIG_DIR}/openvidu.env" sed -i "s/REDIS_PASSWORD=.*/REDIS_PASSWORD=$(echo $SHARED_SECRET | jq -r .REDIS_PASSWORD)/" "${!CONFIG_DIR}/openvidu.env"
sed -i "s/OPENVIDU_PRO_LICENSE=.*/OPENVIDU_PRO_LICENSE=$(echo $SHARED_SECRET | jq -r .OPENVIDU_PRO_LICENSE)/" "${!CONFIG_DIR}/openvidu.env" sed -i "s/OPENVIDU_PRO_LICENSE=.*/OPENVIDU_PRO_LICENSE=$(echo $SHARED_SECRET | jq -r .OPENVIDU_PRO_LICENSE)/" "${!CONFIG_DIR}/openvidu.env"
@ -669,10 +680,13 @@ Resources:
sed -i "s/ENABLED_MODULES=.*/ENABLED_MODULES=$(echo $SHARED_SECRET | jq -r .ENABLED_MODULES)/" "${!CONFIG_DIR}/openvidu.env" sed -i "s/ENABLED_MODULES=.*/ENABLED_MODULES=$(echo $SHARED_SECRET | jq -r .ENABLED_MODULES)/" "${!CONFIG_DIR}/openvidu.env"
# Update URLs in secret # Update URLs in secret
OPENVIDU_URL="https://${!DOMAIN}/"
DASHBOARD_URL="https://${!DOMAIN}/dashboard/" DASHBOARD_URL="https://${!DOMAIN}/dashboard/"
GRAFANA_URL="https://${!DOMAIN}/grafana/" GRAFANA_URL="https://${!DOMAIN}/grafana/"
MINIO_URL="https://${!DOMAIN}/minio-console/" MINIO_URL="https://${!DOMAIN}/minio-console/"
SHARED_SECRET="$(echo "$SHARED_SECRET" | jq '. + {"DOMAIN_NAME": "'"$DOMAIN"'" }')" SHARED_SECRET="$(echo "$SHARED_SECRET" | jq '. + {"DOMAIN_NAME": "'"$DOMAIN"'" }')"
SHARED_SECRET="$(echo "$SHARED_SECRET" | jq '. + {"OPENVIDU_URL": "'"$OPENVIDU_URL"'" }')"
SHARED_SECRET="$(echo "$SHARED_SECRET" | jq '. + {"LIVEKIT_URL": "'"$LIVEKIT_URL"'" }')"
SHARED_SECRET="$(echo "$SHARED_SECRET" | jq '. + {"DASHBOARD_URL": "'"$DASHBOARD_URL"'" }')" SHARED_SECRET="$(echo "$SHARED_SECRET" | jq '. + {"DASHBOARD_URL": "'"$DASHBOARD_URL"'" }')"
SHARED_SECRET="$(echo "$SHARED_SECRET" | jq '. + {"GRAFANA_URL": "'"$GRAFANA_URL"'" }')" SHARED_SECRET="$(echo "$SHARED_SECRET" | jq '. + {"GRAFANA_URL": "'"$GRAFANA_URL"'" }')"
SHARED_SECRET="$(echo "$SHARED_SECRET" | jq '. + {"MINIO_URL": "'"$MINIO_URL"'" }')" SHARED_SECRET="$(echo "$SHARED_SECRET" | jq '. + {"MINIO_URL": "'"$MINIO_URL"'" }')"
@ -697,10 +711,6 @@ Resources:
INSTALL_DIR="/opt/openvidu" INSTALL_DIR="/opt/openvidu"
CONFIG_DIR="${!INSTALL_DIR}/config" CONFIG_DIR="${!INSTALL_DIR}/config"
if [[ ${CertificateType} == "letsencrypt" ]]; then
SHARED_SECRET="$(echo "$SHARED_SECRET" | jq '. + {"LETSENCRYPT_EMAIL": "'"$(/usr/local/bin/get_value_from_config.sh LETSENCRYPT_EMAIL "${!CONFIG_DIR}/openvidu.env")"'"}')"
fi
# Update shared secret # Update shared secret
SHARED_SECRET="$(echo "$SHARED_SECRET" | jq '. + {"REDIS_PASSWORD": "'"$(/usr/local/bin/get_value_from_config.sh REDIS_PASSWORD "${!CONFIG_DIR}/openvidu.env")"'"}')" SHARED_SECRET="$(echo "$SHARED_SECRET" | jq '. + {"REDIS_PASSWORD": "'"$(/usr/local/bin/get_value_from_config.sh REDIS_PASSWORD "${!CONFIG_DIR}/openvidu.env")"'"}')"
SHARED_SECRET="$(echo "$SHARED_SECRET" | jq '. + {"OPENVIDU_PRO_LICENSE": "'"$(/usr/local/bin/get_value_from_config.sh OPENVIDU_PRO_LICENSE "${!CONFIG_DIR}/openvidu.env")"'"}')" SHARED_SECRET="$(echo "$SHARED_SECRET" | jq '. + {"OPENVIDU_PRO_LICENSE": "'"$(/usr/local/bin/get_value_from_config.sh OPENVIDU_PRO_LICENSE "${!CONFIG_DIR}/openvidu.env")"'"}')"
@ -857,8 +867,11 @@ Resources:
apt-get update && apt-get install -y \ apt-get update && apt-get install -y \
python3-pip \ python3-pip \
ec2-instance-connect ec2-instance-connect \
pip3 install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-py3-latest.tar.gz pipx
pipx install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-py3-latest.tar.gz
export PATH=$PATH:/root/.local/bin
cfn-init --region ${AWS::Region} --stack ${AWS::StackId} --resource OpenviduServer cfn-init --region ${AWS::Region} --stack ${AWS::StackId} --resource OpenviduServer
@ -883,7 +896,7 @@ Resources:
/usr/local/bin/check_app_ready.sh /usr/local/bin/check_app_ready.sh
# sending the finish call # sending the finish call
/usr/local/bin/cfn-signal -e $? --stack ${AWS::StackId} --resource WaitCondition --region ${AWS::Region} cfn-signal -e $? --stack ${AWS::StackId} --resource WaitCondition --region ${AWS::Region}
BlockDeviceMappings: BlockDeviceMappings:
- DeviceName: /dev/sda1 - DeviceName: /dev/sda1
@ -899,6 +912,12 @@ Resources:
InstanceId: !Ref OpenviduServer InstanceId: !Ref OpenviduServer
EIP: !Ref PublicElasticIP EIP: !Ref PublicElasticIP
NewEIP:
Type: 'AWS::EC2::EIP'
Condition: PublicElasticIPAbsent
Properties:
InstanceId: !Ref OpenviduServer
IMDSv2LaunchTemplate: IMDSv2LaunchTemplate:
Type: AWS::EC2::LaunchTemplate Type: AWS::EC2::LaunchTemplate
Properties: Properties: