Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Setting to disable IMDS access #4151

Open
larvacea opened this issue Aug 19, 2024 · 0 comments
Open

Setting to disable IMDS access #4151

larvacea opened this issue Aug 19, 2024 · 0 comments
Labels
status/needs-triage Pending triage or re-evaluation type/enhancement New feature or request

Comments

@larvacea
Copy link
Member

larvacea commented Aug 19, 2024
edited by arnaldo2792
Loading

What I'd like:

I would like users to be able to block access to the IMDS endpoint on EC2 instances running Bottlerocket without requiring the user to build and host a bootstrap container for this purpose.

Any alternatives you've considered:

A bootstrap container can use iptables to block non-root access to the IMDS endpoint, and thus deny access to IMDS for non-privileged containers.
@larvacea larvacea added type/enhancement New feature or request status/needs-triage Pending triage or re-evaluation labels Aug 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status/needs-triage Pending triage or re-evaluation type/enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@larvacea