Skip to content
Latchkey

How to Block the Cloud Metadata Endpoint on Runners

The link-local metadata endpoint hands out cloud credentials, so a job that can reach it can steal the runner instance role.

Block 169.254.169.254 from job containers and enforce IMDSv2 so a malicious step or an SSRF cannot mint credentials from the runner instance profile.

Steps

  • Enforce IMDSv2 (session tokens) and set the hop limit to 1.
  • Drop traffic to 169.254.169.254 from job containers.
  • Prefer OIDC over the instance role so no metadata creds are needed.

Block metadata from containers

Terminal
# Enforce IMDSv2, hop limit 1 (AWS)
aws ec2 modify-instance-metadata-options \
  --instance-id "$IID" --http-tokens required --http-put-response-hop-limit 1

# Drop container traffic to the metadata IP on the host
sudo iptables -I DOCKER-USER -d 169.254.169.254 -j DROP

Gotchas

  • A hop limit above 1 lets containerized jobs still reach the metadata service.
  • harden-runner also blocks the metadata endpoint at the network layer as a second control.

Related guides

Run this faster and cheaper on Latchkey managed runners. Start free →