Logging and monitoring

Enhanced instance metadata service (IMDSv2) is not enforced

Platform(s)
Compliance Frameworks

AWS Foundational Security Best Practices Controls, CCPA, CPRA, HITRUST, iso_27001_2022, iso_27002_2022, Mitre ATT&CK, NIST 800-171, NIST 800-53, Orca Best Practices, PDPA, UK Cyber Essentials

Description

The use of IMDSv2, the enhanced version of the Instance Metadata Service, is not enforced on the EC2 instance {AwsEc2Instance} ({AwsEc2Instance.InstanceId}). IMDSv2 solves a lot of security issues in the original version (IMDSv1) by using session-based authentication. If an instance is still using IMDSv1, malicious actors can use compromised applications running inside it to gain unauthorized access to the metadata service.
Need help?

Get a free Security Risk Assessment. Start today

A screenshot of the Orca platform dashboard summarizing all of your cloud security risks

Personalized Demo

See Orca Security in Action

Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.

Get a Demo