Playing with EC2 Instance Metadata Service and Dynamic Data | Scribe

Playing with EC2 Instance Metadata Service and Dynamic Data

  • Hafeez Baig |
  • 5 steps |
  • 39 seconds
  • Amazon Web ServicesAmazon Web Services
information ordinal icon
Refer to this guide to learn how to create an EC2 instance\ <https://scribehow.com/shared/AWS__Creating_your_first_EC2_Instance__Xcu7ZVCdRfWx56YVktKgbQ> Refer to this guide to learn how to connect to an EC2 instance<https://scribehow.com/shared/How_to_Connect_to_an_AWS_EC2_Instance__czXjLrH1R1yAIXika6fGbA>
1
Access to the **EC2 Linux instance** by connecting through AWS default **EC2 instance connect**.
information ordinal icon
Use [[sudo ]]to switch from **ec2-user** to root for administrative tasks on EC2 instance to mitigate the risk of unintended alterations affecting system stability or security.
2
Type [[sudo su]] to switch from **ec2-user** to root; followed by pressing Enter.
information ordinal icon
**What is Metadata in AWS EC2?** Metadata in AWS EC2 refers to a set of data about an EC2 instance that can be accessed from within the instance itself. This metadata includes information such as the instance's public and private IP addresses, instance type, security group settings, and more.
3
Execute the command [[TOKEN=$(curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600")]]
information ordinal icon
This command uses the curl tool to fetch a security token from an AWS EC2 instance's metadata service. The token is retrieved by sending a PUT request to the specified URL (`http://169.254.169.254/latest/api/token`) with a header (`X-aws-ec2-metadata-token-ttl-seconds`) indicating the token's time-to-live in seconds (21600 seconds or 6 hours). The retrieved token is stored in the variable `TOKEN`.
4
Execute the following command to verify that the token is working. [[curl -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data]]
information ordinal icon
**What is Dynamic Data Services?**\ Dynamic data services enable real-time access and manipulation of data, supporting dynamic content generation and interactive applications.
5
Execute this command [[curl -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/dynamic/instance-identity/document]]
information ordinal icon
This command fetches the instance identity document of an AWS EC2 instance. It includes a custom header "X-aws-ec2-metadata-token" for authentication, with the token value being provided by the `$TOKEN` variable.
information ordinal icon
Congratulations on finishing this lab and delving into EC2 instance metadata! Well done!