Compute Instances should have legacy metadata service endpoint disabled
Description
Compute Instances that utilize legacy metadata service endpoints (IMDSv1) are susceptible to potential Server-Side Request Forgery (SSRF) attacks. To help prevent these attacks, it is strongly advised to configure Compute Instances to adopt Instance Metadata Service v2, aligning with the industry’s best security practices.
This rule checks that the legacy Instance Metadata Service (IMDS) endpoints are disabled on OCI Compute instances. Enabling Instance Metadata Service v2 enhances security and grants precise control over metadata access.
For guidance on configuring Instance Metadata Service settings, refer to the Updating Instance Metadata section of the Oracle Cloud Infrastructure Documentation.
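As an added illustration (not the rule's own implementation), the following Python sketch runs the same kind of check over JSON shaped like the output of `oci compute instance list`. The sample records, OCIDs and the function name `legacy_imds_findings` are constructed for this example. It assumes the CLI's kebab-case keys and treats a missing setting as non-compliant, because legacy endpoints are enabled by default.

```python
import json

# Constructed sample shaped like `oci compute instance list` output
# (kebab-case keys under "data"); OCIDs and names are placeholders.
SAMPLE = json.dumps({"data": [
    {"id": "ocid1.instance.oc1..example-a", "display-name": "web-1",
     "lifecycle-state": "RUNNING",
     "instance-options": {"are-legacy-imds-endpoints-disabled": True}},
    {"id": "ocid1.instance.oc1..example-b", "display-name": "web-2",
     "lifecycle-state": "RUNNING",
     "instance-options": {"are-legacy-imds-endpoints-disabled": False}},
    {"id": "ocid1.instance.oc1..example-c", "display-name": "batch-1",
     "lifecycle-state": "STOPPED", "instance-options": None},
    {"id": "ocid1.instance.oc1..example-d", "display-name": "old-1",
     "lifecycle-state": "TERMINATED",
     "instance-options": {"are-legacy-imds-endpoints-disabled": False}},
]})

# Instances that are gone (or going) cannot be reconfigured, so skip them.
SKIP_STATES = {"TERMINATING", "TERMINATED"}


def legacy_imds_findings(cli_json):
    """Return (id, display-name, reason) for instances still serving IMDSv1."""
    findings = []
    for inst in json.loads(cli_json).get("data", []):
        if inst.get("lifecycle-state") in SKIP_STATES:
            continue
        # instance-options may be null or absent on some records.
        options = inst.get("instance-options") or {}
        disabled = options.get("are-legacy-imds-endpoints-disabled")
        if disabled is True:
            continue  # compliant: only the v2 endpoints answer
        if disabled is False:
            reason = "legacy endpoints explicitly enabled"
        else:
            reason = "setting absent, legacy endpoints enabled by default"
        findings.append((inst.get("id"), inst.get("display-name"), reason))
    return findings


if __name__ == "__main__":
    for ocid, name, reason in legacy_imds_findings(SAMPLE):
        print(f"FAIL {name} ({ocid}): {reason}")
```

A stopped instance is still reported, since it would serve the legacy endpoints again as soon as it is started.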