Fetch-url-http-3a-2f-2f169.254.169.254-2flatest-2fmeta Data-2fiam-2fsecurity Credentials-2f ((new)) Jun 2026

The link http://169.254.169.254 is an IP address that serves as a special endpoint within AWS, known as the Instance Metadata Service. This service provides instances with a way to access information about themselves, including metadata that can be used for configuration, management, and security purposes. The metadata service is accessible from within the instance and offers various pieces of information that are essential for dynamic configuration and management.

If your application never needs to call AWS APIs, you can disable the metadata service entirely: The link http://169

http://169.254.169 is a classic Server-Side Request Forgery (SSRF) attack vector targeting AWS Instance Metadata Service, capable of revealing temporary IAM credentials. An attacker exploits this by forcing a web application to fetch data from the internal, trusted link-local IP, resulting in potential full cloud account takeovers, as demonstrated in the 2019 Capital One breach. Modern AWS IMDSv2 protections require a session token, mitigating this specific "fetch-url" attack. If your application never needs to call AWS