PaloAltoNetworks / aws

VM-Series for Amazon Web Services

Firewall Breaks IAM Instance Profiles #19

Open tomcatlingcma opened 5 years ago

tomcatlingcma commented 5 years ago

Hi,

I am using your two tier sample and have noticed that any requests to AWS services from the Web instances are granted the instance profile associated with the Firewall instance. I think this might be because requests to 169.254.169.254 are being routed through the Firewall, when in fact they should never leave the instance making the request.

I assume the normal route for these requests is being overwritten when the Firewall is added as a router during startup.

Can you offer any advice on fixing the user data script or changing the config in the Firewall so that these examples don't break normal use of AWS services?

Thanks.

tomcatlingcma commented 5 years ago

Opened a pull request to fix this https://github.com/PaloAltoNetworks/aws/pull/20
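
A check for the routing condition this issue describes, added here as an example; it is not part of the thread, the pull request, or the repository's code. It classifies the next hop an instance would use for 169.254.169.254 from `ip -4 route show` output, assuming the AWS convention that the VPC router sits at the subnet's base address plus one; the function names and sample route tables are constructed for illustration.

```python
import ipaddress

IMDS = ipaddress.ip_address("169.254.169.254")

def parse_routes(text):
    """Parse `ip -4 route show` output into (network, gateway, dev) tuples."""
    routes = []
    for line in text.strip().splitlines():
        tok = line.split()
        if not tok or tok[0] in ("unreachable", "blackhole", "prohibit"):
            continue
        dest = "0.0.0.0/0" if tok[0] == "default" else tok[0]
        net = ipaddress.ip_network(dest, strict=False)
        gw = ipaddress.ip_address(tok[tok.index("via") + 1]) if "via" in tok else None
        dev = tok[tok.index("dev") + 1] if "dev" in tok else None
        routes.append((net, gw, dev))
    return routes

def imds_path(text):
    """Classify the next hop for the metadata address.

    Returns (verdict, gateway); verdict is "on-link", "vpc-router",
    "other-gateway" or "no-route".
    """
    routes = parse_routes(text)
    matches = [r for r in routes if IMDS in r[0]]
    if not matches:
        return ("no-route", None)
    # Longest-prefix match; route metrics are not compared.
    net, gw, dev = max(matches, key=lambda r: r[0].prefixlen)
    if gw is None:
        return ("on-link", None)
    for n, g, d in routes:
        # Connected subnet on the same interface: is the gateway its base+1 address?
        if g is None and d == dev and gw in n and gw == n.network_address + 1:
            return ("vpc-router", str(gw))
    return ("other-gateway", str(gw))

# Constructed sample route tables (addresses are illustrative).
HOST_ROUTE = """default via 10.0.1.1 dev eth0
10.0.1.0/24 dev eth0 proto kernel scope link src 10.0.1.101
169.254.169.254 dev eth0"""
DEFAULT_ONLY = """default via 10.0.1.1 dev eth0
10.0.1.0/24 dev eth0 proto kernel scope link src 10.0.1.101"""
REROUTED = """default via 10.0.1.11 dev eth0
10.0.1.0/24 dev eth0 proto kernel scope link src 10.0.1.101"""

if __name__ == "__main__":
    for name, table in [("host route", HOST_ROUTE), ("default only", DEFAULT_ONLY), ("rerouted", REROUTED)]:
        print(name, imds_path(table))
```

An "other-gateway" verdict means metadata requests are handed to another host on the subnet before they reach the metadata service, which is the situation to look for after a user data script rewrites the default route.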