10Eki
How to harden against credential stealing in EC2 via the http://169.254.169.254 API?
AWS has a feature called Instance Metadata, which on EC2 gives you access to the AWS credentials through HTTP calls:
curl http://169.254.169.254/latest/meta-data/iam/security-credentials/<role>
The feature itself is intentional, t…