Headline:
Support for the Instance Metadata Service Version IMDS attribute for AWS EC2 instances.
Description:
Organizations may like to enforce a certain version via a Service Control Policy preventing instance fulfilment when the desired version is not specified. However, this enforcement can only work when Morpheus also supports the configuration of the attribute.
Both IMDSv1 and IMDSv2 will be available and enabled by default, and customers can choose which they will use. The IMDS can now be restricted to v2 only, or IMDS (v1 and v2) can also be disabled entirely. AWS recommends adopting v2 and restricting access to v2 only for added security. IMDSv1 remains available for customers who have tools and scripts using v1, and who are comfortable with the existing security posture of their instances.
Example/Use case(s):