jaredlockhart
commented
7 years ago We need to do some further research to determine whether we are able to restrict a node instances access to external web services and deny all access to internal AWS resources. We should file an AWS support ticket to verify this.
We should add a black list of domains/hosts which we will not attempt to establish remote connections to. This can include private IP ranges, localhost, as well as known third party hosts/domains which pose a risk to either the service or its consumers.