Fortinet Document Library

Version:

Version:

Version:


Table of Contents

New Features

Download PDF
Copy Link

IMDSv2 support for FortiManager-VM on OCI 6.4.4

FortiManager-VM on OCI uses Oracle Instance Metadata Service version 2 (IMDSv2) to query and retrieve metadata from OCI cloud. IMDSv2 provides enhanced security compared to version 1.

With IMDSv2:

  • All requests to the IMDSv2 endpoints must include an authorization header. Requests that do not include the authorization header are rejected.

  • Requests that are forwarded using the HTTP headers Forwarded, X-Forwarded-For, or X-Forwarded-Host are rejected.

To upgrade the instance metadata service on an OCI compute instance:
  1. Verify that the instance uses an image that supports IMDSv2.
  2. Identify and migrate requests to the legacy IMDSv1 endpoints to support IMDSv2 endpoints.
  3. Disable all requests to the legacy IMDSv1 endpoints.

IMDSv2 support for FortiManager-VM on OCI 6.4.4

FortiManager-VM on OCI uses Oracle Instance Metadata Service version 2 (IMDSv2) to query and retrieve metadata from OCI cloud. IMDSv2 provides enhanced security compared to version 1.

With IMDSv2:

  • All requests to the IMDSv2 endpoints must include an authorization header. Requests that do not include the authorization header are rejected.

  • Requests that are forwarded using the HTTP headers Forwarded, X-Forwarded-For, or X-Forwarded-Host are rejected.

To upgrade the instance metadata service on an OCI compute instance:
  1. Verify that the instance uses an image that supports IMDSv2.
  2. Identify and migrate requests to the legacy IMDSv1 endpoints to support IMDSv2 endpoints.
  3. Disable all requests to the legacy IMDSv1 endpoints.