by falcolas 3282 days ago
Technically, shouldn't. But in AWS' documentation for container roles, they have a note that explicitly suggests implementing an iptables rule (and even provides the iptables command) to prevent access to the instance's metadata.

http://docs.aws.amazon.com/AmazonECS/latest/developerguide/t...

That said, this is another of those "more ink should be spilled" moments, since preventing access to the instance metadata is something that you SHOULD do from a security point of view.

1 comment
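As an added example (not code from the post, and not AWS's own), a small POSIX shell script that prints the metadata-blocking rule and audits an iptables-save dump to confirm the rule is present and not shadowed by an earlier ACCEPT. The exact rule text is my recollection of the ECS task-role documentation, so treat it as an assumption and check it against the linked page; the sample dumps are constructed.

```shell
#!/bin/sh
# Added example (not the HN poster's or AWS's code): audit an iptables-save
# dump for the rule that stops containers on the docker bridge from reaching
# the EC2 instance metadata service, so tasks must use their task role instead.
METADATA_IP="169.254.169.254/32"

# The rule the ECS task-role documentation suggests, as I recall it (assumption:
# verify the exact command against the linked AWS page before relying on it).
metadata_block_rule() {
  printf 'iptables --insert FORWARD 1 --in-interface docker+ --destination %s --jump DROP\n' "$METADATA_IP"
}

# has_metadata_block: read an iptables-save dump on stdin; exit 0 only if the
# FORWARD chain drops docker-bridge traffic to the metadata address before any
# unrestricted ACCEPT that would let that traffic through first.
has_metadata_block() {
  awk -v ip="$METADATA_IP" '
    /^-A FORWARD / {
      if ($0 ~ /-j DROP/ && $0 ~ /-i docker[+]/ && index($0, "-d " ip)) { found = 1; exit }
      if ($0 ~ /-j ACCEPT/ && $0 !~ /-d /) { exit }   # ACCEPT-all shadows any later DROP
    }
    END { exit (found ? 0 : 1) }'
}

# Constructed sample dumps (not captured from a real host).
GOOD_DUMP='*filter
:FORWARD DROP [0:0]
-A FORWARD -d 169.254.169.254/32 -i docker+ -j DROP
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
COMMIT'
SHADOWED_DUMP='*filter
:FORWARD DROP [0:0]
-A FORWARD -i docker0 -j ACCEPT
-A FORWARD -d 169.254.169.254/32 -i docker+ -j DROP
COMMIT'
MISSING_DUMP='*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
COMMIT'

for name in GOOD_DUMP SHADOWED_DUMP MISSING_DUMP; do
  eval "dump=\$$name"
  if printf '%s\n' "$dump" | has_metadata_block; then
    echo "$name: container access to instance metadata is blocked"
  else
    echo "$name: container access to instance metadata is NOT blocked"
  fi
done
```

On a real ECS instance the audit is `iptables-save | has_metadata_block` run as root; a non-zero exit means containers can still reach the instance metadata and therefore the instance profile's credentials.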

I don't recall Task Roles being a thing when I started using EC2 Container Service. For container security and isolation, that makes a whole lot of sense.