Instance Metadata Service, or IMDS, is a local endpoint that exposes instance information and, in Azure, can mint tokens for attached managed identities. It is designed for trusted workloads on the host, so compromise of the machine can become compromise of the identity if access is not tightly controlled.
Expanded Definition
Instance Metadata Service, or IMDS, is a host-local endpoint that exposes instance attributes and, in cloud platforms such as Azure, can mint short-lived tokens for attached managed identities. It is part of the trusted execution surface for workloads already running on the machine.
In NHI operations, IMDS matters because it bridges infrastructure identity and workload identity. Rather than embedding long-lived secrets in code or files, cloud platforms can let the instance obtain credentials at runtime. That design reduces secret sprawl, but it also makes the host itself a high-value trust boundary. If an attacker gains code execution, SSRF reachability, container breakout, or interactive access on the instance, IMDS can become a credential issuance path. Definitions vary across vendors, and no single standard governs this yet, so practitioners should treat IMDS as an implementation pattern within broader identity and access controls, not as a standalone security control. For context on NHI governance and exposure, see the Ultimate Guide to NHIs — Key Research and Survey Results and the control expectations in NIST Cybersecurity Framework 2.0.
The most common misapplication is leaving IMDS reachable from untrusted workloads or network paths, which occurs when teams assume the endpoint is safe simply because it is local to the host.
Examples and Use Cases
Implementing IMDS rigorously often introduces a host-hardening constraint, requiring organisations to weigh runtime convenience against the blast radius of instance compromise.
- A cloud VM uses IMDS to fetch a managed identity token so a backup agent can write to object storage without any embedded API key.
- A Kubernetes node runs a privileged sidecar that can query IMDS on behalf of a pod, which is convenient but should trigger strict isolation reviews and policy checks aligned with NIST Cybersecurity Framework 2.0.
- An application behind a vulnerable HTTP client becomes exposed to SSRF, allowing an attacker to reach IMDS and request tokens for the instance identity.
- An operator maps instance access paths against the exposure patterns discussed in the Ultimate Guide to NHIs — Key Research and Survey Results to validate whether managed identities are reducing secret sprawl or just shifting risk.
- A platform team disables legacy metadata access routes and restricts token retrieval to approved workloads, preserving the benefits of managed identity while limiting lateral movement opportunities.
Why It Matters in NHI Security
IMDS is not merely an infrastructure convenience. It is an NHI control point because it can issue credentials that inherit the instance’s privileges, and excessive privilege at that layer can cascade into data access, control-plane abuse, and service impersonation. This is why IMDS design belongs in the same governance conversation as NIST Cybersecurity Framework 2.0 identity and access outcomes, especially where least privilege, access review, and protective technology are concerned.
NHIMG research shows that 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface, which is exactly the kind of pattern that turns metadata endpoints into high-impact compromise paths. The same research also shows that only 5.7% of organisations have full visibility into their service account, making it easy to overlook which workloads can reach IMDS and what they can mint. The Ultimate Guide to NHIs — Key Research and Survey Results provides the broader context for why visibility and rotation matter when instance-based identities are in play.
Organisations typically encounter IMDS risk only after a host compromise, SSRF incident, or container escape exposes token issuance, at which point instance metadata service becomes operationally unavoidable to address.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-02 | IMDS is a secret and token issuance path that can expose NHI credentials if mismanaged. |
| NIST CSF 2.0 | PR.AC-4 | IMDS access must follow least-privilege identity and access management principles. |
| NIST Zero Trust (SP 800-207) | JSON null | Zero Trust treats metadata access as a protected resource that must be explicitly authorized. |
Restrict metadata access, rotate tokens, and verify every workload that can reach instance identity endpoints.
Related resources from NHI Mgmt Group
Deepen Your Knowledge
Reviewed and updated by the NHIMG editorial team on May 26, 2026.
NHI Mgmt Group — the #1 independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org
