Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP All
Fixed In:
17.0.0, 16.1.2.1, 15.1.5.1
Opened: Dec 01, 2020 Severity: 3-Major
AWS added a token-based Instance MetaData Service API (IMDSv2). Prior versions of BIG-IP Virtual Edition supported only a request/response method (IMDSv1). When the AWS API is starting with IMDSv2, you will receive the following error message: get_dossier call on the command line fails with: 01170003:3: halGetDossier returned error (1): Dossier generation failed. This latest version of BIG-IP Virtual Edition now supports instances started with IMDSv2.
BIG-IP Virtual Edition cannot license or re-license AWS instances started with IMDSv2 and other metadata-based functionality will not function.
AWS instances started with IMDSv2.
None
With the latest version of BIG-IP VE, you can now initialize "IMDSv2 only" instances in AWS and migrate your existing instances to "IMDSv2 only" using aws-cli commands. For details, consult documentation: https://clouddocs.f5.com/cloud/public/v1/shared/aws-ha-IAM.html#check-the-metadata-service-for-iam-role IMDSv2 documentation from AWS: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html