Request-url-http-3a-2f-2f169.254.169.254-2flatest-2fmeta Data-2fiam-2fsecurity Credentials-2f ^hot^ Here

: Protects against SSRF by requiring a session token obtained via a PUT request, which standard SSRF vulnerabilities typically cannot perform. Steal EC2 Metadata Credentials via SSRF - Hacking The Cloud

: If an IAM Role is attached to the instance, this endpoint lists the name of that role. : Protects against SSRF by requiring a session

Because this endpoint returns sensitive credentials without requiring an initial password, it is a primary target for attackers. : Protects against SSRF by requiring a session

: Vulnerable to simple SSRF because it uses standard HTTP GET requests. : Protects against SSRF by requiring a session