Credentials-2f ((full)) | Request-url-http-3a-2f-2f169.254.169.254-2flatest-2fmeta Data-2fiam-2fsecurity

In response, AWS introduced , which adds defense-in-depth:

More recently, in 2025, security researchers at Wiz discovered in-the-wild exploitation of a zero-day SSRF vulnerability in , a popular open-source document converter. The vulnerability, designated CVE-2025-51591 , allowed attackers to craft malicious HTML elements (such as iframes) that, when processed by Pandoc, would send requests to the IMDS endpoint ( 169.254.169.254 ). The objective was to exfiltrate the content of the metadata, including IAM role information. In response, AWS introduced , which adds defense-in-depth:

If your EC2 instance does not require any IAM role (e.g., a bastion host that uses instance profiles for SSH only?), you can disable the metadata service entirely: If your EC2 instance does not require any IAM role (e

This design allows applications running on EC2 to securely obtain AWS credentials without hardcoding secrets into source code or configuration files. It’s convenient, but convenience often comes at a cost. 2. How the Attack Works (SSRF)

: Because it is intended only for local use, the original version ( IMDSv1 ) does not require authentication; it assumes any request reaching it is legitimate because it came from the server itself. 2. How the Attack Works (SSRF)