💼 5.7 Ensure that the EC2 Metadata Service only allows IMDSv2 (Automated)

  • Contextual name: 💼 5.7 Ensure that the EC2 Metadata Service only allows IMDSv2 (Automated)
  • ID: /frameworks/cis-aws-v4.0.1/05/07
  • Located in: 💼 5 Networking

Description

When enabling the Metadata Service on AWS EC2 instances, users have the option of using either Instance Metadata Service Version 1 (IMDSv1; a request/response method) or Instance Metadata Service Version 2 (IMDSv2; a session-oriented method).

Similar

  • Sections
    • /frameworks/cis-aws-v5.0.0/05/07
    • /frameworks/cis-aws-v4.0.0/05/07

Similar Sections (Take Policies From)

Section | Sub Sections | Internal Rules | Policies | Flags
💼 CIS AWS v4.0.0 → 💼 5.7 Ensure that the EC2 Metadata Service only allows IMDSv2 (Automated) | 1
💼 CIS AWS v5.0.0 → 💼 5.7 Ensure that the EC2 Metadata Service only allows IMDSv2 (Automated) | 1

Similar Sections (Give Policies To)

Section | Sub Sections | Internal Rules | Policies | Flags
💼 CIS AWS v4.0.0 → 💼 5.7 Ensure that the EC2 Metadata Service only allows IMDSv2 (Automated) | 1
💼 CIS AWS v5.0.0 → 💼 5.7 Ensure that the EC2 Metadata Service only allows IMDSv2 (Automated) | 1

Sub Sections

Section | Sub Sections | Internal Rules | Policies | Flags

Policies (1)

Policy | Logic Count | Flags
📝 AWS EC2 Instance IMDSv2 is not enabled 🟢 | 1 | 🟢 x6