Hi guys,
I just found that the metadata API is public which is annoying in my case. I'm not putting private information in my user data field, but I still want them to not be seen.
Can you help me?
Metadata is a service that allows a droplet to access data about itself. The information stored in it about a droplet is only accessible on that droplet. You can find more information about the metadata service in this tutorial:
If you're concerned about other users that you've given access to the droplet seeing what's in user-data, you can "null-route" the IP address of the metadata service. Adding the following cloud-config script to your user-data on droplet creation will do this automatically:
#cloud-config
disable_ec2_metadata: true
