Compute resources in AWS (e.g. EC2 instances, ECS tasks/services, etc.) get access to AWS credentials, such as temporary instance role credentials, via the Instance Metadata Service (IMDS) . The compute resources use these credentials to access other AWS services such as SQS, DynamoDB and Secrets Manager. Introduction: Problems with IMDSv1 There was originally only one version of IMDS, now called “v1,” which unfortunately many people still use. The technical risks and high profile inciden...
