AWS Security ChangesHomeSearch

AWS lightsail high security documentation change

Service: lightsail · 2025-05-03 · Security-related high

File: lightsail/latest/userguide/amazon-lightsail-configuring-instance-metadata-service.md

Summary

Expanded IMDSv2 default configuration to include Ubuntu 24 blueprints

Security assessment

IMDSv2 (Instance Metadata Service v2) is a security feature that protects against SSRF attacks by requiring session tokens. Expanding its default configuration to Ubuntu 24 blueprints improves security posture by enforcing this protection mechanism for new instances.

Diff

diff --git a/lightsail/latest/userguide/amazon-lightsail-configuring-instance-metadata-service.md b/lightsail/latest/userguide/amazon-lightsail-configuring-instance-metadata-service.md
index c9ae3d095..3f44ed56f 100644
--- a//lightsail/latest/userguide/amazon-lightsail-configuring-instance-metadata-service.md
+++ b//lightsail/latest/userguide/amazon-lightsail-configuring-instance-metadata-service.md
@@ -38 +38 @@ IMDSv2 uses session-oriented requests. With session-oriented requests, you creat
-Lightsail instances launched from Amazon Linux 2023 will have IMDSv2 configured by default.
+Lightsail instances launched from Amazon Linux 2023 and Ubuntu 24 blueprints will have IMDSv2 configured by default.