On Tue, Sep 02, 2025 at 08:18:37AM -0400, Noah Meyerhans wrote: :My feeling is that access to IMDS is a matter of policy that should be :left to the administrator responsible for the deployment. As long as we :provide a decent mechanism to control this policy, which we do in the :form of cloud-init's "Disable EC2 Instance Metadata Service" module, :we're good. (I realize that this doesn't do exactly what was proposed; :if admins want finer grained control, they do still have other :mechanisms like runcmd or custom scripting.)
As a long time OpenStack operator I agree this is something that should be left to the deployer. Restricting access to metadata would be a surprising default as other Distribitions and cloud platforms (AWS ) don't so there's pretty wide expectation that unpriveleged users can get this information. Making it easy to toggle those rules to make restriction easier for people who want it could be a useful feature. -Jon -- Jonathan Proulx (he/him) Sr. Technical Architect The Infrastructure Group MIT CSAIL
