The document discusses an SSRF attack on Amazon EC2 Instance Metadata Service (IMDS) version 1. It describes how IMDSv1 could be accessed from outside the instance by exploiting vulnerabilities in a web application firewall (WAF). The attack allowed accessing credentials of an IAM role that had permissions to an S3 bucket storing personal information. To mitigate such risks, Amazon introduced IMDS