Difference between revisions of "AWS Instance Metadata Service (IMDS)"

From wikieduonline
Jump to navigation Jump to search
 
(22 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 +
[[Wikipedia:AWS Instance Metadata Service]] it is a service provided by [[AWS]] that allows [[EC2]] instances to access metadata about themselves and their environment.
 +
 
* https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html
 
* https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html
  
  
 
* <code>[[aws ec2 modify-instance-metadata-options]]</code>
 
* <code>[[aws ec2 modify-instance-metadata-options]]</code>
* [[IMDSv2]]
+
* [[IMDS versions]]: [[IMDSv2]]
 +
* [[IMDS initiate session]]
 +
 
  
 
If you use [[Auto Scaling groups]] and you need to require the use of IMDSv2 on all new instances, your Auto Scaling groups must use [[launch templates]].
 
If you use [[Auto Scaling groups]] and you need to require the use of IMDSv2 on all new instances, your Auto Scaling groups must use [[launch templates]].
 +
 +
* [[Datadog AWS Integration Billing]]: If your EC2 instances are configured to require the use of Instance Metadata Service Version 2 (IMDSv2), then you must set the parameter <code>[[ec2_prefer_imdsv2]]</code> to true in your Datadog agent configuration to avoid double-billing.
 +
 +
=== Metadata Endpoint ===
 +
<code> http://169.254.169.254/latest/meta-data/</code>
 +
 +
== Example ==
 +
  TOKEN=`[[curl -X PUT]] "http://169.254.169.254/latest/api/token" [[-H]] "X-aws-ec2-metadata-token-ttl-seconds: 21600"` \ && [[curl -H]] "X-aws-ec2-metadata-token: $TOKEN" -v http://169.254.169.254/latest/[[user-data]]
 +
 +
== Activities ==
 +
* [[Transition to using Instance Metadata Service Version 2]]
  
 
== Related ==
 
== Related ==
 
* [[Azure Instance Metadata Service]]
 
* [[Azure Instance Metadata Service]]
* [[Instance metadata and user data]]
 
 
* <code>[[ec2-imdsv2-check]]</code>, the rule is <code>[[NON_COMPLIANT]]</code> if the <code>[[HttpTokens]]</code> is set to optional.
 
* <code>[[ec2-imdsv2-check]]</code>, the rule is <code>[[NON_COMPLIANT]]</code> if the <code>[[HttpTokens]]</code> is set to optional.
 
* <code>[[aws ec2 describe-instances]] | grep [[HttpTokens]]</code>
 
* <code>[[aws ec2 describe-instances]] | grep [[HttpTokens]]</code>
* [[Datadog AWS Integration Billing]]
+
* [[AWS EC2 Instance Connect]]
 +
* [[Datadog]]: <code>[[DD_EC2_PREFER_IMDSV2]]</code>
 +
* <code>[[Datadog: EC2 instances should enforce IMDSv2]]</code>
 +
* [[IMDS initiate session]]
 +
* <code>[[Failed to refresh cached credentials, no EC2 IMDS role found]]</code>
  
 
== See also ==
 
== See also ==
 +
* {{IMDS cmd}}
 
* {{IMDS}}
 
* {{IMDS}}
 
* {{AWS EC2}}
 
* {{AWS EC2}}
  
 
[[Category:AWS]]
 
[[Category:AWS]]

Latest revision as of 09:19, 28 June 2024

Wikipedia:AWS Instance Metadata Service it is a service provided by AWS that allows EC2 instances to access metadata about themselves and their environment.



If you use Auto Scaling groups and you need to require the use of IMDSv2 on all new instances, your Auto Scaling groups must use launch templates.

  • Datadog AWS Integration Billing: If your EC2 instances are configured to require the use of Instance Metadata Service Version 2 (IMDSv2), then you must set the parameter ec2_prefer_imdsv2 to true in your Datadog agent configuration to avoid double-billing.

Metadata Endpoint[edit]

http://169.254.169.254/latest/meta-data/

Example[edit]

 TOKEN=`curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600"` \ && curl -H "X-aws-ec2-metadata-token: $TOKEN" -v http://169.254.169.254/latest/user-data

Activities[edit]

Related[edit]

See also[edit]

Retrieved from "https://www.wikieduonline.com/index.php?title=AWS_Instance_Metadata_Service_(IMDS)&oldid=331641"

Advertising: