diff --git a/VERIFY_ISO.md b/VERIFY_ISO.md
index b13c645e4..19f3a963b 100644
--- a/VERIFY_ISO.md
+++ b/VERIFY_ISO.md
@@ -1,18 +1,18 @@
-### 2.3.230-20230417 ISO image built on 2023/04/17
+### 2.3.240-20230426 ISO image built on 2023/04/26
 
 
 
 ### Download and Verify
 
-2.3.230-20230417 ISO image:  
-https://download.securityonion.net/file/securityonion/securityonion-2.3.230-20230417.iso
+2.3.240-20230426 ISO image:  
+https://download.securityonion.net/file/securityonion/securityonion-2.3.240-20230426.iso
 
-MD5: EBE7E5407AF9AF6F1ADCB9A8E011729B  
-SHA1: EC101F5C633D368205F5B756F063308A0BE0466E  
-SHA256: CBB9BE490AB44BCC2C8CAB8AAE65288BE130B43927DFA4DFBDD9D95B3564D65F 
+MD5: 1935B559A9181522E83DA64C0A095A7A  
+SHA1: 84A865A8F880036A5F04990CAAC36093744E8CF7  
+SHA256: 1CC1173A403EE0CEA05EFB4708E7A4AEA70CEAAF1E3B51B861410F7634A776AF 
 
 Signature for ISO image:  
-https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.230-20230417.iso.sig
+https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.240-20230426.iso.sig
 
 Signing key:  
 https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS  
@@ -26,22 +26,22 @@ wget https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/ma
 
 Download the signature file for the ISO:  
 ```
-wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.230-20230417.iso.sig
+wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.240-20230426.iso.sig
 ```
 
 Download the ISO image:  
 ```
-wget https://download.securityonion.net/file/securityonion/securityonion-2.3.230-20230417.iso
+wget https://download.securityonion.net/file/securityonion/securityonion-2.3.240-20230426.iso
 ```
 
 Verify the downloaded ISO image using the signature file:  
 ```
-gpg --verify securityonion-2.3.230-20230417.iso.sig securityonion-2.3.230-20230417.iso
+gpg --verify securityonion-2.3.240-20230426.iso.sig securityonion-2.3.240-20230426.iso
 ```
 
 The output should show "Good signature" and the Primary key fingerprint should match what's shown below:
 ```
-gpg: Signature made Fri 14 Apr 2023 11:12:57 AM EDT using RSA key ID FE507013
+gpg: Signature made Wed 26 Apr 2023 08:55:32 AM EDT using RSA key ID FE507013
 gpg: Good signature from "Security Onion Solutions, LLC <info@securityonionsolutions.com>"
 gpg: WARNING: This key is not certified with a trusted signature!
 gpg:          There is no indication that the signature belongs to the owner.
diff --git a/VERSION b/VERSION
index 02eba2fcf..f3f35fab2 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-2.3.230
+2.3.240
diff --git a/salt/common/tools/sbin/soup b/salt/common/tools/sbin/soup
index 254ea6580..51cb37241 100755
--- a/salt/common/tools/sbin/soup
+++ b/salt/common/tools/sbin/soup
@@ -555,6 +555,7 @@ preupgrade_changes() {
     [[ "$INSTALLEDVERSION" == 2.3.200 ]] && up_to_2.3.210
     [[ "$INSTALLEDVERSION" == 2.3.210 ]] && up_to_2.3.220
     [[ "$INSTALLEDVERSION" == 2.3.220 ]] && up_to_2.3.230
+    [[ "$INSTALLEDVERSION" == 2.3.230 ]] && up_to_2.3.240
     
     true
 }
@@ -583,6 +584,7 @@ postupgrade_changes() {
     [[ "$POSTVERSION" == 2.3.200 ]] && post_to_2.3.210
     [[ "$POSTVERSION" == 2.3.210 ]] && post_to_2.3.220
     [[ "$POSTVERSION" == 2.3.220 ]] && post_to_2.3.230
+    [[ "$POSTVERSION" == 2.3.230 ]] && post_to_2.3.240
 
     true
 }
@@ -721,6 +723,11 @@ post_to_2.3.230() {
   POSTVERSION=2.3.230
 }
 
+post_to_2.3.240() {
+  echo "Nothing to do for .240"
+  POSTVERSION=2.3.240
+}
+
 stop_salt_master() {
     # kill all salt jobs across the grid because the hang indefinitely if they are queued and salt-master restarts
     set +e
@@ -1066,6 +1073,11 @@ up_to_2.3.230() {
   INSTALLEDVERSION=2.3.230
 }
 
+up_to_2.3.240() {
+  echo "Upgrading to 2.3.240"
+  INSTALLEDVERSION=2.3.240
+}
+
 verify_upgradespace() {
   CURRENTSPACE=$(df -BG / | grep -v Avail | awk '{print $4}' | sed 's/.$//')
   if [ "$CURRENTSPACE" -lt "10" ]; then
diff --git a/setup/so-functions b/setup/so-functions
index c3be68b73..fdbf233be 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -1124,7 +1124,16 @@ create_repo() {
 
 detect_cloud() {
   echo "Testing if setup is running on a cloud instance..." | tee -a "$setup_log"
-  if ( curl --fail -s -m 5 http://169.254.169.254/latest/meta-data/instance-id > /dev/null ) || ( dmidecode -s bios-vendor | grep -q Google > /dev/null) || [ -f /var/log/waagent.log ]; then export is_cloud="true"; fi
+  if ( curl --fail -s -m 5 http://169.254.169.254/latest/meta-data/instance-id > /dev/null ) || \
+     ( curl --fail -s -m 5 -H "X-aws-ec2-metadata-token: $(curl -s -X PUT -m 5 'http://169.254.169.254/latest/api/token' -H 'X-aws-ec2-metadata-token-ttl-seconds: 30')" http://169.254.169.254/latest/meta-data/instance-id > /dev/null) || \
+     (dmidecode -s bios-vendor | grep -q Google > /dev/null) || \
+     [ -f /var/log/waagent.log ]; then 
+
+    echo "Detected a cloud installation." | tee -a "$setup_log"
+    export is_cloud="true"
+  else
+    echo "This does not appear to be a cloud installation." | tee -a "$setup_log"
+  fi
 }
 
 detect_os() {
diff --git a/sigs/securityonion-2.3.240-20230426.iso.sig b/sigs/securityonion-2.3.240-20230426.iso.sig
new file mode 100644
index 000000000..d689878d1
Binary files /dev/null and b/sigs/securityonion-2.3.240-20230426.iso.sig differ