To improve defense against open firewalls, reverse proxies, and SSRF vulnerabilities, AWS has recently announced that new Amazon EC2 instance types will support only version 2 of the EC2 Instance Metadata Service (IMDSv2). For transition support, customers will still be able to enable IMDSv1.
The v1 service uses a request/response access method and the v2 service uses a session-oriented method (...) Many applications and instances are already using and benefiting from IMDSv2, but the full range of benefits becomes available only when IMDSv1 is disabled at the AWS account level.
You won't be able to get the full benefits of IMDSv2 until you disable IMDSv1. While IMDS is provided by the instance itself, the calls to IMDS are from your software. This means y
[
add
]
[
|
|
...
]