How to disable Azure Instance Metadata Service

Prashanth Kumar 1 Reputation point
2021-06-28T17:14:45.143+00:00

I wanted to disable the Instance Metadata Service on the VMs. Even though we run the URL within the VM itself, http://169.254.169.254/metadata/instance?api-version=2021-02-01, I don't want my machine to share its details at any cost.

Is there a way I can disable this service in Azure? Other cloud providers have provided the option to disable the Metadata Service for their VMs.

There is no option for disabling the Metadata Service in the Azure Portal, and I went through the KB article: https://learn.microsoft.com/en-us/azure/virtual-machines/linux/instance-metadata-service?tabs=linux; there is no mention of disabling the Metadata Service.


1 answer

  1. vipullag-MSFT 23,856 Reputation points Microsoft Employee
    2021-07-01T10:20:01.383+00:00

    @Prashanth Kumar

    Firstly, apologies for the delay in responding here and any inconvenience this issue may have caused.

    I would like to let you know that this is a service which communicates with the fabric controller inside Azure portal to get the VM properties and also works with the Azure agent, so it is not possible to disable it.

    However, you can restrict all access to the VM from the specific address of the service and allow access to the Azure agent through Windows Firewall. Not sure if this workaround can help with your use case.

    Please see the steps below for the same:

    [Screenshots: 110971-1-1.jpg, 110953-1-2.jpg, 110954-1-3.jpg]

    Hope this helps answer your query.

    Please 'Accept as answer' if it helped, so that it can help others in the community looking for help on similar topics.

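A check that the firewall workaround described in the answer is actually in effect, as an added example that is not part of the original thread or any Microsoft code: it probes the IMDS URL from the question from an ordinary (non-agent) process and reports whether the endpoint still answers. The function name, result strings and exit codes are assumptions of this example; the `Metadata: true` header and the proxy bypass are what IMDS requires of any client.

```python
import http.client
import sys
import urllib.error
import urllib.request

# URL taken from the question; IMDS is only reachable from inside the VM.
IMDS_URL = "http://169.254.169.254/metadata/instance?api-version=2021-02-01"


def check_imds(url=IMDS_URL, timeout=3.0):
    """Probe the metadata endpoint once.

    Returns "reachable" (HTTP 2xx with a body), "answered:<code>" (the endpoint
    replied with an HTTP error, so traffic still gets through), or "blocked"
    (refused, dropped or timed out, which is what a working rule produces).
    """
    # IMDS requests must not go through a proxy, so use an empty proxy map.
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    # IMDS rejects requests that lack this header.
    req = urllib.request.Request(url, headers={"Metadata": "true"})
    try:
        with opener.open(req, timeout=timeout) as resp:
            resp.read(1)  # confirm data arrives; the metadata itself is not kept
            return "reachable"
    except urllib.error.HTTPError as exc:
        # Must be caught before URLError (its parent class): an HTTP error
        # status still proves the packets reached the service.
        return f"answered:{exc.code}"
    except (urllib.error.URLError, http.client.HTTPException, OSError):
        return "blocked"


if __name__ == "__main__":
    result = check_imds()
    print(f"IMDS probe from this process: {result}")
    # Exit 0 only when the endpoint is unreachable, so the script can be
    # used as a pass/fail step in a hardening or compliance check.
    sys.exit(0 if result == "blocked" else 1)
```

Run it under the account and process context you intend to restrict; a per-program firewall rule can block one process while the Azure agent keeps its access.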