AWS IMDSv2 is a great security control against the devestating vulnerability of Server Side Request Forgery (SSRF).
Our resident hacker Riyaz figured out that an additional configuration should be checked to make sure IMDSv2 is hardended.
The PUT response hop limit is set to greater than 1 allowing any container solutions (like Docker or Kubernetes pods) from accessing the instance metadata endpoint.
Now that this misconfiguration has been researched and tested thoroughly, engineering will take it up for developement soon.