Cloud Instance Metadata API


Adversaries may attempt to access the Cloud Instance Metadata API to collect credentials and other sensitive data.

Products, Sensors, and Dependencies

ProductDependenciesData sourceAccess requiredProtocolData CollectedNotes
Tenable Vulnerability ManagementAdvanced Network ScanEC2Authenticated ScanAPIMetadata infoPlugin ID: 90427


Amazon Web Services EC2 Instance Metadata Enumeration (Windows)

Attack Path Technique Details

Framework: MITRE ATT&CK

Family: Credential Access

Platform: AWS

Tenable Release Date: 2023 Q3