Query: EC2 instances should use IMDSv2

Description

Ensure the Instance Metadata Service Version 2 (IMDSv2) method is enabled to help protect access and control of AWS Elastic Compute Cloud (AWS EC2) instance metadata.

Query

Tables used in this query:

• aws_ec2_instance

Controls using this query:

• 2.8 Ensure the Use of IMDSv2 is Enforced on All Existing Instances
• 5.6 Ensure that EC2 Metadata Service only allows IMDSv2
• 5.6 Ensure that EC2 Metadata Service only allows IMDSv2
• 5.7 Ensure that the EC2 Metadata Service only allows IMDSv2
• 5.7 Ensure that the EC2 Metadata Service only allows IMDSv2
• 8 EC2 instances should use IMDSv2
• EC2 instances should use IMDSv2

SQL