Once upon a time, in a vast digital landscape, there existed a mystical realm known as the Cloud Kingdom. Within this kingdom, there lived a brave and resourceful adventurer named Alex.

If you're looking to secure your instance, you can find best practices on the AWS IAM Security and EC2 Instance Metadata pages. Wiz x Cloud Security Championship: Perimeter Leak

The portal's address was a cryptic string of characters: http://169.254.169.254/latest/meta-data/iam/security-credentials/. Alex had to decipher the meaning behind this mysterious URL.

The URL http://169.254.169.254/latest/meta-data/iam/security-credentials/ is a link-local address accessible only from within an EC2 instance.

IMDSv2: Protects against SSRF by requiring a session token obtained via a PUT request, which standard SSRF vulnerabilities typically cannot perform. Steal EC2 Metadata Credentials via SSRF - Hacking The Cloud

In cloud environments, the IP 169.254.169.254 is a "link-local" address reachable only from within the virtual machine.