2 comments

[ 4.2 ms ] story [ 13.2 ms ] thread
This seems ridiculous. Wasn't the issue a misconfiguration of the Capital One webapp, and not a problem with the cloud?
Definitely - requiring a an extra header to access instance metadata on 169.254.169.254 does makes it harder for this kind of thing to happen, and is indeed what GCP does, but would obviously be a breaking change. Probably not merited by one customer with a misconfigured firewall.

Calling AWS "defective cloud computing services" seems technologically inept, to be generous...