July 27, 2021: We’ve updated the link to the 2019 re:Invent session on this topic. Since it first launched over 10 years ago, the Amazon EC2 Instance Metadata Service (IMDS) has helped customers build secure and scalable applications. The IMDS solved a big security headache for cloud users by providing access to temporary, frequently rotated […]| Amazon Web Services
Grant applications on your EC2 instances permissions to make secure API requests to AWS.| docs.aws.amazon.com
Access instance metadata for an EC2 instance to get current settings for metadata properties, dynamic data, and user data.| docs.aws.amazon.com
Learn about IAM finding types in GuardDuty. An IAM finding is a notification that contains details about a principal (AWS account root user, IAM role, or user) that GuardDuty has identified as behaving in a suspicious and potentially malicious way.| docs.aws.amazon.com
Describes each of the AWS global condition keys available to use in IAM policies.| docs.aws.amazon.com
In a previous post, I reviewed what a public subnet and Internet Gateway (IGW) are and that they allowed outbound and inbound connectivity to instances (i.e., virtual machines) running in the AWS cloud. If you're the least bit security conscious, your reaction might be, "No way! I can't have my instances sitting right on the Internet without any protection". Fear not, reader. This post will explain the mechanisms that the Amazon Virtual Private Cloud (VPC) affords you to protect your instances.| packetmischief.ca