Skip to content

Latest commit

 

History

History
34 lines (25 loc) · 1.09 KB

File metadata and controls

34 lines (25 loc) · 1.09 KB

About the Keys in this Directory

General Information on Endpoints

There are several endpoints on an instance related to the instance identity:

http://169.254.169.254/latest/dynamic/instance-identity/document

(1) Produces the actual document, which is nothing special — just a JSON object with information about instance (region, id, AMI id etc.)

http://169.254.169.254/latest/dynamic/instance-identity/signature

(2) Produces a RSA-signed SHA256 digest (in a form of a base64-encoded string).

http://169.254.169.254/latest/dynamic/instance-identity/pkcs7

(3) Produces a PKCS7 document containing the DSA-signed SHA1 digest. Well documented here

http://169.254.169.254/latest/dynamic/instance-identity/rsa2048

(4) Produces a PKCS7 document containing the RSA-signed SHA256 digest.

http://169.254.169.254/latest/dynamic/instance-identity/dsa2048

(5) At the time of writing, doesn't work 😛

RSA-key-forSignature file

The public key for (2). Was obtained from AWS support.