docs.aws.amazon.com
Open in
urlscan Pro
13.35.58.67
Public Scan
Submitted URL: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html
Effective URL: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html
Submission: On July 17 via api from US — Scanned from DE
Effective URL: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html
Submission: On July 17 via api from US — Scanned from DE
Form analysis 0 forms found in the DOM
Text Content
SELECT YOUR COOKIE PREFERENCES
We use essential cookies and similar tools that are necessary to provide our
site and services. We use performance cookies to collect anonymous statistics so
we can understand how customers use our site and make improvements. Essential
cookies cannot be deactivated, but you can click “Customize cookies” to decline
performance cookies.
If you agree, AWS and approved third parties will also use cookies to provide
useful site features, remember your preferences, and display relevant content,
including relevant advertising. To continue without accepting these cookies,
click “Continue without accepting.” To make more detailed choices or learn more,
click “Customize cookies.”
Accept all cookiesContinue without acceptingCustomize cookies
CUSTOMIZE COOKIE PREFERENCES
We use cookies and similar tools (collectively, "cookies") for the following
purposes.
ESSENTIAL
Essential cookies are necessary to provide our site and services and cannot be
deactivated. They are usually set in response to your actions on the site, such
as setting your privacy preferences, signing in, or filling in forms.
PERFORMANCE
Performance cookies provide anonymous statistics about how customers navigate
our site so we can improve site experience and performance. Approved third
parties may perform analytics on our behalf, but they cannot use the data for
their own purposes.
Allow performance category
Allowed
FUNCTIONAL
Functional cookies help us provide useful site features, remember your
preferences, and display relevant content. Approved third parties may set these
cookies to provide certain site features. If you do not allow these cookies,
then some or all of these services may not function properly.
Allow functional category
Allowed
ADVERTISING
Advertising cookies may be set through our site by us or our advertising
partners and help us deliver relevant marketing content. If you do not allow
these cookies, you will experience less relevant advertising.
Allow advertising category
Allowed
Blocking some types of cookies may impact your experience of our sites. You may
review and change your choices at any time by clicking Cookie preferences in the
footer of this site. We and selected third-parties use cookies or similar
technologies as specified in the AWS Cookie Notice.
CancelSave preferences
UNABLE TO SAVE COOKIE PREFERENCES
We will only store essential cookies at this time, because we were unable to
save your cookie preferences.
If you want to change your cookie preferences, try again later using the link in
the AWS console footer, or contact support if the problem persists.
Dismiss
Contact Us
English
Create an AWS Account
1. AWS
2. ...
3. Documentation
4. Amazon EC2
5. User Guide
Feedback
Preferences
AMAZON ELASTIC COMPUTE CLOUD
USER GUIDE
* What is Amazon EC2?
* Get started tutorial
* Best practices
* Amazon Machine Images
* AMI types
* Virtualization types
* Boot modes
* Launch an instance
* AMI boot mode parameter
* Instance type boot mode
* Instance boot mode
* Operating system boot mode
* Set AMI boot mode
* UEFI variables
* UEFI Secure Boot
* How UEFI Secure Boot works
* Launch an instance with UEFI Secure Boot support
* Verify whether an instance is enabled for UEFI Secure Boot
* Create a Linux AMI to support UEFI Secure Boot
* Create three key pairs
* Option A: Add keys to the variable store from within the instance
* Option B: Create a binary blob containing a pre-filled variable
store
* How the AWS binary blob is created
* Find an AMI
* Shared AMIs
* Find shared AMIs
* Make an AMI public
* Share an AMI with organizations or OUs
* Share an AMI with specific AWS accounts
* Cancel having an AMI shared with your account
* Use bookmarks
* Guidelines for shared Linux AMIs
* Paid AMIs
* AMI lifecycle
* Create an AMI
* Create an Amazon EBS-backed AMI
* Create an instance store-backed Linux AMI
* Set up the AMI tools
* Create an AMI from an instance store-backed instance
* Convert to an Amazon EBS-Backed AMI
* AMI tools reference
* Create an AMI with Windows Sysprep
* Modify an AMI
* Copy an AMI
* Store and restore an AMI
* Deprecate an AMI
* Disable an AMI
* Archive AMI snapshots
* Deregister (delete) an AMI
* Automate the EBS-backed AMI lifecycle
* AMI encryption
* Monitor AMI events
* Understand AMI billing
* AMI billing fields
* Find AMI billing information
* Verify AMI charges on your bill
* AMI quotas
* Instances
* Instances and AMIs
* Instance types
* Find an instance type
* Get recommendations
* For new workloads
* For existing workloads
* Change the instance type
* Compatibility
* Troubleshoot
* Instance store-backed instances
* Burstable performance instances
* Key concepts
* Unlimited mode
* Concepts
* Examples
* Standard mode
* Concepts
* Examples
* Work with burstable performance instances
* Monitor your CPU credits
* GPU instances
* Activate NVIDIA GRID Virtual Applications
* Optimize GPU settings
* Set up dual 4k displays on Linux
* Get started with P5 instances for Linux
* Mac instances
* Launch a Mac instance
* Connect to your Mac instance
* Update operating system and software
* Increase size of EBS volume
* Stop or terminate Mac instance
* Find supported macOS versions
* Subscribe to macOS AMI notifications
* Retrieve macOS AMI IDs
* macOS AMIs release notes
* Amazon EBS optimization
* Get maximum EBS performance
* Find EBS-optimized instance types
* Enable EBS optimization
* Instance purchasing options
* On-Demand Instances
* Reserved Instances
* Regional and zonal Reserved Instances (scope)
* Types of Reserved Instances (offering classes)
* How Reserved Instances are applied
* Use your Reserved Instances
* How you are billed
* Buy Reserved Instances
* Sell in the Reserved Instance Marketplace
* Modify Reserved Instances
* Exchange Convertible Reserved Instances
* Reserved Instance quotas
* Spot Instances
* Best practices
* How Spot Instances work
* Spot Instance pricing history
* Savings
* Work with Spot Instances
* Example launch specifications
* Spot request status
* Rebalance recommendations
* Spot Instance interruptions
* Reasons for interruption
* Interruption behavior
* Stop
* Hibernate
* Terminate
* Prepare for interruptions
* Initiate an interruption
* Spot Instance interruption notices
* Find interrupted Spot Instances
* Determine whether Amazon EC2 terminated a Spot Instance
* Billing
* Spot placement score
* Spot Instance data feed
* Spot Instance quotas
* Burstable performance instances
* Dedicated Hosts
* Pricing and billing
* Instance capacity configurations
* Burstable instances on Dedicated Hosts
* Bring your own licenses
* Auto-placement and affinity
* Allocate a Dedicated Host
* Launch instances on a Dedicated Host
* Launch instances into a host resource group
* Modify Dedicated Host auto-placement
* Modify supported instance types
* Modify tenancy and affinity for an instance
* Release Dedicated Host
* Cross-account sharing
* Share a Dedicated Host
* Unshare a Dedicated Host
* View shared Dedicated Hosts
* Dedicated Hosts on Outposts
* Allocate Dedicated Host on Outpost
* Host recovery
* How host recovery works
* Enable host recovery
* Disable host recovery
* View host recovery setting
* Manually recovery unsupported instances
* Host maintenance
* How host maintenance works
* Configure host maintenance
* Monitor Dedicated Hosts
* Track configuration changes
* Dedicated Instances
* Launch Dedicated Instances into VPC
* Change the tenancy of an instance
* Change the tenancy of an Amazon VPC
* Capacity Reservations
* On-Demand Capacity Reservations
* Capacity Reservation pricing and billing
* Work with Capacity Reservations
* Work with Capacity Reservation groups
* Capacity Reservations in cluster placement groups
* Capacity Reservations in Local Zones
* Capacity Reservations in Wavelength Zones
* Capacity Reservations on AWS Outposts
* Work with shared Capacity Reservations
* Capacity Reservation Fleets
* Capacity Reservation Fleet concepts
* Work with Capacity Reservation Fleets
* Example configurations
* Using service-linked roles
* Monitoring Capacity Reservations
* CloudWatch metrics
* EventBridge events
* Utilization notifications
* Capacity Blocks for ML
* Capacity Blocks pricing and billing
* Work with Capacity Blocks
* Monitor Capacity Blocks
* Instance lifecycle
* Launch
* Launch using the launch instance wizard
* Old launch instance wizard
* Launch using a launch template
* Restrictions
* Permissions
* Control launching instances
* Create
* Modify (manage versions)
* Delete
* Launch instances
* Launch an instance from an existing instance
* Use an AWS Marketplace instance
* Stop and start
* How it works
* Enable stop protection
* Hibernate
* How it works
* Prerequisites
* Configure a Linux AMI to support hibernation
* Enable instance hibernation
* Disable KASLR on an instance (Ubuntu only)
* Hibernate an instance
* Start a hibernated instance
* Troubleshoot
* Reboot
* Terminate
* How it works
* Enable termination protection
* Change the instance initiated shutdown behavior
* Preserve data when an instance is terminated
* Retire
* Instance resiliency
* CloudWatch action based recovery
* Simplified automatic recovery
* Work with instance metadata
* Use IMDSv2
* How IMDSv2 works
* Transition to using IMDSv2
* Supported SDKs
* Configure the instance metadata options
* For new instances
* For existing instances
* Retrieve instance metadata
* Work with instance user data
* Run commands at launch
* Retrieve dynamic data
* Instance metadata categories
* Linux example: AMI launch index value
* Instance identity documents
* Retrieve the instance identity document
* Verify instance identity document
* AWS public certificates
* Instance identity roles
* Connect to your EC2 instance
* Connect to your Linux instance
* Connect with SSH from Linux or macOS
* Connect from Windows
* Connect with EC2 Instance Connect
* Tutorial
* Prerequisites
* Permissions
* Install EC2 Instance Connect
* Connect using EC2 Instance Connect
* Uninstall EC2 Instance Connect
* Connect to your Windows instance
* Connect to your Windows instance using an RDP client
* Connect to your Windows instance using Fleet Manager
* Configure your accounts
* Transfer files to Windows instances
* Connect using Session Manager
* Connect using EC2 Instance Connect Endpoint
* Permissions
* Security groups
* Create an EC2 Instance Connect Endpoint
* Connect to an instance
* Log connections
* Delete an EC2 Instance Connect Endpoint
* Service-linked role
* Quotas
* Connect your instance to a resource
* Tutorial: Connect an EC2 instance to an RDS database
* Option 1: Automatically connect – EC2 console
* Task 1: Create an RDS database – optional
* Task 2: Launch an EC2 instance – optional
* Task 3: Automatically connect your EC2 instance to your RDS
database
* Task 4: Verify the connection configuration
* Option 2: Automatically connect – RDS console
* Task 1: Launch an EC2 instance – optional
* Task 2: Create an RDS database and automatically connect it to
your EC2 instance
* Task 3: Verify the connection configuration
* Option 3: Manually connect (create security groups)
* Task 1: Launch an EC2 instance – optional
* Task 2: Create an RDS database – optional
* Task 3: Manually connect your EC2 instance to your RDS
database
* Clean up
* Identify instances
* Manage system settings
* Clock and time synchronization
* Use the local Amazon Time Sync Service
* Use the public Amazon Time Sync Service
* Compare timestamps for your Linux instances
* Change the time zone of your instance
* Processor state control
* Optimize CPU options
* Rules for specifying CPU options
* CPU cores and threads per CPU core per instance type
* Specify CPU options for your instance
* View the CPU options for your instance
* AMD SEV-SNP
* Work with AMD SEV-SNP
* Attestation with AMD SEV-SNP
* Add Windows system components
* Manage Linux system users
* Set the Windows Administrator password
* Manage device drivers
* Install NVIDIA drivers
* Install AMD drivers
* Windows PV drivers
* Upgrade PV drivers
* Troubleshoot PV drivers
* AWS Windows NVMe drivers
* Configure Windows instances
* Configure Windows launch agents
* EC2Launch v2
* Overview
* Install
* Migrate
* Manage
* Subscribe
* Settings
* Troubleshoot
* Version histories
* EC2Launch
* Install EC2Launch
* Version history
* EC2Config service
* Install EC2Config
* Version history
* Troubleshoot
* Use EC2 Fast Launch for Windows
* EC2 Fast Launch prerequisites
* Configure EC2 Fast Launch settings
* View EC2 Fast Launch AMIs
* Manage resource costs
* Monitor EC2 Fast Launch
* Service-linked role
* Use Elastic Graphics accelerators on Windows
* Work with Elastic Graphics
* Elastic Graphics maintenance
* Use CloudWatch metrics to monitor Elastic Graphics
* Troubleshoot
* Install WSL on Windows
* Upgrade Windows instances
* Perform an in-place upgrade
* Perform an automated upgrade
* Migrate to a current generation instance type
* Migrate to Xen from Nitro
* Migrate Microsoft SQL Server from Windows to Linux
* Troubleshoot an upgrade
* Fleets
* EC2 Fleet
* EC2 Fleet request types
* EC2 Fleet 'instant' type
* EC2 Fleet configuration strategies
* Plan an EC2 Fleet
* Allocation strategies for Spot Instances
* Attribute-based instance type selection
* On-Demand backup
* Capacity Rebalancing
* Maximum price overrides
* Control spending
* Instance weighting
* Work with EC2 Fleets
* Spot Fleet
* Spot Fleet request types
* Spot Fleet configuration strategies
* Plan a Spot Fleet request
* Allocation strategies for Spot Instances
* Attribute-based instance type selection
* On-Demand in Spot Fleet
* Capacity Rebalancing
* Spot price overrides
* Control spending
* Instance weighting
* Work with Spot Fleets
* CloudWatch metrics for Spot Fleet
* Automatic scaling for Spot Fleet
* Target tracking scaling policies
* Step scaling policies
* Scheduled scaling
* Monitor fleet events
* EC2 Fleet event types
* Spot Fleet event types
* Create EventBridge rules
* For EC2 Fleet events
* For Spot Fleet events
* Tutorials
* Tutorial: Use EC2 Fleet with instance weighting
* Tutorial: Use EC2 Fleet with On-Demand as the primary capacity
* Tutorial: Launch On-Demand Instances using targeted Capacity
Reservations
* Tutorial: Launch instances into Capacity Blocks
* Tutorial: Use Spot Fleet with instance weighting
* Example configurations
* EC2 Fleet example configurations
* Spot Fleet example configurations
* Fleet quotas
* Monitor
* Automated and manual monitoring
* Best practices for monitoring
* Monitor the status of your instances
* Instance status checks
* State change events
* Scheduled events
* Define event windows for scheduled events
* Monitor your instances using CloudWatch
* Instance alarms
* Enable detailed monitoring
* List available metrics
* Install and configure the CloudWatch agent
* Get statistics for metrics
* Get statistics for a specific instance
* Aggregate statistics across instances
* Aggregate statistics by Auto Scaling group
* Aggregate statistics by AMI
* Graph metrics
* Create an alarm
* Create alarms that stop, terminate, reboot, or recover an instance
* Automate using EventBridge
* Log API calls using CloudTrail
* Monitor your .NET and SQL Server applications
* Track your Free Tier usage
* Networking
* Regions and Zones
* Instance IP addressing
* Multiple IP addresses
* Multiple private IPv4 addresses for Windows
* Instance hostname types
* Bring your own IP addresses
* Elastic IP addresses
* Network interfaces
* Best practices for configuring network interfaces
* Scenarios for network interfaces
* Requester-managed network interfaces
* Assign prefixes
* Work with prefixes
* Network bandwidth
* Enhanced networking
* Elastic Network Adapter (ENA)
* ENA Express
* Intel 82599 VF
* Network performance metrics
* Troubleshoot ENA on Linux
* Troubleshoot the ENA Windows driver
* Improve network latency on Linux instances
* Nitro performance considerations
* Optimize network performance on Windows instances
* Elastic Fabric Adapter
* Get started with P5 instances and EFA
* Get started with EFA and MPI
* Get started with EFA and NCCL
* Work with EFA
* Monitor an EFA
* Verify the EFA installer using a checksum
* Instance topology
* How it works
* Prerequisites
* Examples
* Placement groups
* Placement strategies
* Rules and limitations
* Work with placement groups
* Share a placement group
* Placement groups on AWS Outposts
* Network MTU
* Virtual private clouds
* Security
* Data protection
* Infrastructure security
* Resilience
* Compliance validation
* Identity and access management
* IAM policies
* Policy structure
* Tag resources during creation
* Control access to EC2 resources using resource tags
* Example policies for CLI or SDK
* Example policies for the console
* AWS managed policies
* IAM roles
* AWS PrivateLink
* Update management
* Security best practices for Windows instances
* Key pairs
* Create a key pair
* Tag a key pair
* Describe your key pairs
* Delete your key pair
* Add or remove a public key on your Linux instance
* Verify the fingerprint
* Security groups
* Security group rules
* Connection tracking
* Default and custom security groups
* Work with security groups
* Security group rules for different use cases
* NitroTPM
* Considerations
* Prerequisites
* Create a Linux AMI for NitroTPM support
* Verify whether an AMI is enabled for NitroTPM
* Enable or stop using NitroTPM on an instance
* Retrieve the public endorsement key
* Credential Guard for Windows instances
* Storage
* Amazon EBS
* Instance store
* Add instance store volumes
* SSD instance store volumes
* Instance store swap volumes for Linux instances
* Optimize disk performance on Linux instances
* File storage
* Amazon S3
* Amazon EFS
* Amazon FSx
* Amazon File Cache
* Instance volume limits
* Root volumes
* Change the root volume to persist
* Replace a root volume
* Device names
* Block device mappings
* Map disks to volumes
* Windows VSS EBS snapshots
* What is VSS?
* Prerequisites
* System requirements
* IAM permissions
* Attach policy to instance profile
* VSS managed policy
* Legacy policy
* VSS components
* Install manually
* Update on a schedule
* Create VSS snapshots
* Use AWS Systems Manager
* Use AWS Backup
* Use Amazon Data Lifecycle Manager
* Troubleshoot Windows VSS based EBS snapshots
* Restore volumes from VSS snapshots
* Version history
* Torn write prevention for Linux instances
* Resources and tags
* Recycle Bin
* Considerations
* Required IAM permissions
* Condition keys for Recycle Bin
* Work with retention rules
* Work with resources in the Recycle Bin
* Recover snapshots from the Recycle Bin
* Recover AMIs from the Recycle Bin
* Monitor Recycle Bin
* Monitor using EventBridge
* Monitor using CloudTrail
* Resource locations
* Resource IDs
* List and filter your resources
* Global View
* Tag your resources
* Service quotas
* Troubleshoot
* Common issues with Windows instances
* Common messages with Windows instances
* Troubleshoot launch issues
* Connect to your Linux instance
* Connect to your Windows instance
* Reset a lost or expired Windows administrator password
* Reset using EC2Launch v2
* Reset Using EC2Config
* Reset using EC2Launch
* Troubleshoot an unreachable instance
* Stop your instance
* Terminate your instance
* Failed status checks on Linux
* Troubleshoot Linux instance booting from wrong volume
* Troubleshoot Sysprep issues
* EC2Rescue for Linux
* Install EC2Rescue for Linux
* (Optional) Verify the signature of EC2Rescue for Linux
* Work with EC2Rescue for Linux
* Develop EC2Rescue modules
* EC2Rescue for Windows Server
* Use the GUI
* Use the command line
* Use Systems Manager
* EC2 Serial Console
* Prerequisites
* Configure access to the EC2 Serial Console
* Connect to the EC2 Serial Console
* Disconnect from the EC2 Serial Console
* Troubleshoot your instance using the EC2 Serial Console
* Send a diagnostic interrupt
* Document history
Use IMDSv2 - Amazon Elastic Compute Cloud
AWSDocumentationAmazon EC2User Guide
USE IMDSV2
PDFRSS
You can access instance metadata from a running instance using one of the
following methods:
* Instance Metadata Service Version 1 (IMDSv1) – a request/response method
* Instance Metadata Service Version 2 (IMDSv2) – a session-oriented method
By default, you can use either IMDSv1 or IMDSv2, or both.
You can configure the Instance Metadata Service (IMDS) on each instance so that
local code or users must use IMDSv2. When you specify that IMDSv2 must be used,
IMDSv1 no longer works. For information about how to configure your instance to
use IMDSv2, see Configure the instance metadata options.
The PUT or GET headers are unique to IMDSv2. If these headers are present in the
request, then the request is intended for IMDSv2. If no headers are present, it
is assumed the request is intended for IMDSv1.
For an extensive review of IMDSv2, see Add defense in depth against open
firewalls, reverse proxies, and SSRF vulnerabilities with enhancements to the
EC2 Instance Metadata Service.
To retrieve instance metadata, see Retrieve instance metadata.
TOPICS
* How Instance Metadata Service Version 2 works
* Transition to using Instance Metadata Service Version 2
* Use a supported AWS SDK
Javascript is disabled or is unavailable in your browser.
To use the Amazon Web Services Documentation, Javascript must be enabled. Please
refer to your browser's Help pages for instructions.
Document Conventions
Work with instance metadata
How IMDSv2 works
Did this page help you? - Yes
Thanks for letting us know we're doing a good job!
If you've got a moment, please tell us what we did right so we can do more of
it.
Did this page help you? - No
Thanks for letting us know this page needs work. We're sorry we let you down.
If you've got a moment, please tell us how we can make the documentation better.
DID THIS PAGE HELP YOU?
Yes
No
Provide feedback
NEXT TOPIC:
How IMDSv2 works
PREVIOUS TOPIC:
Work with instance metadata
NEED HELP?
* Try AWS re:Post
* Connect with an AWS IQ expert
PrivacySite termsCookie preferences
© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved.
ON THIS PAGE