Fetch-url-http-3a-2f-2f169.254.169.254-2flatest-2fmeta — Data-2fiam-2fsecurity Credentials-2f
http://169.254.169.254/latest/meta-data/iam/security-credentials/
Use Cases: These credentials are used for applications running on EC2 instances to securely access other AWS services without needing to store long-term credentials on the instance.
SSRF Vulnerabilities and Mitigations – How attackers might target metadata endpoints through SSRF, and how to harden applications using IMDSv2 (session-oriented metadata service), firewall rules, and metadata-request filtering. http://169
- AccessKeyId
- SecretAccessKey
- Token (session token)
- Expiration (ISO 8601)
- Code (e.g., Success)
- Type (e.g., AWS-HMAC)
Let me know which direction you’d prefer, or if you have another topic in mind. Use Cases : These credentials are used for
The URL http://169.254.169.254/latest/meta-data/iam/security-credentials/ is a specific endpoint used by the AWS Instance Metadata Service (IMDS). It allows applications running on an Amazon EC2 instance to retrieve temporary security credentials associated with an IAM role attached to that instance. What the Endpoint Does AWS Retrieving Security Credentials from Instance Metadata security professionals recommend implementing AWS IMDSv2
The encoded URL http://169.254.169 is commonly used in Server-Side Request Forgery (SSRF) attacks to access temporary IAM security credentials from cloud metadata services. If successful, attackers can use these credentials to gain unauthorized access to cloud resources. To mitigate this risk, security professionals recommend implementing AWS IMDSv2, strictly validating user-provided URLs, and applying the principle of least privilege to instance roles.