Policy Packs

guardrails-samples

aws_ec2_instance_metadata_service

Instance metadata is data about your instance that you can use to configure or manage the running instance.&#92;nInstance metadata is divided into categories, for example, host name, events, and security groups.&#92;n&#92;nInstance metadata can be accessed from a running instance using one of the following methods:&#92;n&#92;n  * Instance Metadata Service Version 1 (IMDSv1) – a request/response method&#92;n&#92;n  * Instance Metadata Service Version 2 (IMDSv2) – a session-oriented method&#92;n&#92;nBy default, you can use either IMDSv1 or IMDSv2, or both. However, the instance metadata service can be specifically&#92;nconfigured to use IMDSv2 on each instance. When you specify that IMDSv2 must be used, IMDSv1 no longer works.&#92;n

Policy Setting: AWS > EC2 > Instance > Metadata Service

Policies

Source