top of page
< Back

AWS Foundational Security Best Practice

EC2.8

EC2 instances should use Instance Metadata Service Version 2 (IMDSv2)

Severity

Cloud Platforms

Resources

HIGH

AWS

Amazon EC2

This control checks whether your Amazon Elastic Compute Cloud (Amazon EC2) instance metadata version is configured with Instance Metadata Service Version 2 (IMDSv2). The control passes if HttpTokens is set to required for IMDSv2. The control fails if HttpTokens is set to optional.

bottom of page