Lock down the EC2 instance metadata endpoint (169.254.169.254) so that only root (or other chosen users) can reach it.
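# Create the chain first; a jump cannot reference a chain that does not exist yet.
iptables -N EC2
# Allow metadata requests from root-owned processes only.
iptables -A EC2 -m owner --uid-owner root -d 169.254.169.254 -j ACCEPT
# Reject everything else that reaches this chain.
iptables -A EC2 -j REJECT --reject-with icmp-host-unreachable
# Insert the jump at the top of OUTPUT last, once the chain is fully populated.
iptables -t filter -I OUTPUT -d 169.254.169.254 -j EC2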
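To confirm the lockdown is actually in effect, the following added example (not part of the original gist) audits `iptables -S` output for the jump, the owner-matched ACCEPT and the closing REJECT. The function names `audit_imds_rules` and `sample_rules` are hypothetical, and the embedded rule dump is constructed, assuming `iptables -S` prints the address as `169.254.169.254/32` and the owner as a numeric UID.

```shell
#!/bin/sh
# Added example, not part of the original gist.
IMDS="169.254.169.254/32"   # metadata address as `iptables -S` is assumed to print it

# audit_imds_rules (hypothetical name): read `iptables -S` output on stdin,
# print a verdict, and return 0 only if the gist's lockdown is in effect.
audit_imds_rules() {
    awk -v ip="$IMDS" '
        $1 != "-A" { next }
        $2 == "OUTPUT" {
            if (index($0, " -d " ip " ") && $0 ~ / -j EC2$/) jump = 1
            # Conservative: any ACCEPT ahead of the jump might match the
            # metadata traffic before the EC2 chain ever sees it.
            else if (!jump && $0 ~ / -j ACCEPT$/) early = 1
        }
        $2 == "EC2" {
            last = $0
            # An ACCEPT with no owner match opens the endpoint to every user.
            if ($0 ~ / -j ACCEPT$/ && $0 !~ / --uid-owner /) open = 1
        }
        END {
            if (!jump) { print "FAIL: no OUTPUT jump to EC2 for " ip; exit 1 }
            if (early) { print "FAIL: an ACCEPT in OUTPUT precedes the jump"; exit 1 }
            if (open)  { print "FAIL: EC2 chain has an ACCEPT without an owner match"; exit 1 }
            if (last !~ / -j (REJECT|DROP)/) {
                print "FAIL: EC2 chain does not end in REJECT or DROP"; exit 1
            }
            print "OK: metadata endpoint restricted by owner match"
        }'
}

# Constructed sample: the rule dump expected after the four commands above
# on a host with default ACCEPT policies and no other rules.
sample_rules() {
    cat <<'EOF'
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N EC2
-A OUTPUT -d 169.254.169.254/32 -j EC2
-A EC2 -d 169.254.169.254/32 -m owner --uid-owner 0 -j ACCEPT
-A EC2 -j REJECT --reject-with icmp-host-unreachable
EOF
}

sample_rules | audit_imds_rules
```

On a live instance, run `iptables -S | audit_imds_rules` as root in place of the sample.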