Open lancel66 opened 2 years ago
Hello, I am Blathers. I am here to help you get the issue triaged.
I was unable to automatically find someone to ping.
If we have not gotten back to your issue within a few business days, you can try the following:
:owl: Hoot! I am a Blathers, a bot for CockroachDB. My owner is otan.
cc @thtruo - reassigning to obs infra as per proposed ownership in https://docs.google.com/document/d/1icTRZu2oYW8kSrDrTUwoMG2iKghBkpzBLXWMOCiYyo4/edit
Is your feature request related to a problem? Please describe. Security audit at customer revealed that AWS IMDSv2 is currently not supported and leaves them open to server-side request forgery (SSRF) attacks. The customer has a large self-hosted DBaaS environment. CockroachDB uses the IMDSv1 endpoint to collect telemetry data.
Describe the solution you'd like Support IMDSv2 and prevent IMDSv1 from being used in collecting telemetry data.
Describe alternatives you've considered Disabling telemetry
Additional context It would be good to support IMDSv2 so customers won't be compelled to disable telemetry in self-hosted environments.
Jira issue: CRDB-17663