http://169.254.169.254/latest/meta-data/iam/security-credentials/
This URL is used to retrieve temporary security credentials for an AWS service or resource. When a request is made to this URL from within an EC2 instance, AWS returns a JSON response containing the security credentials for the IAM role attached to the instance.
Feature: Temporary Security Credential Retrieval http://169
AWS has released IMDSv2 specifically to mitigate this SSRF vector. This URL is used to retrieve temporary security
If a server-side script executes shell commands that include user input, an attacker might inject: http://169
curl http://169.254.169.254/latest/meta-data/iam/security-credentials/