Azure Instance Metadata Service
The Azure Instance Metadata service is an Azure service that provides more information about Azure Virtual Machines that is invoked from the machine itself. This way, the administrators of the machine - that in most cases have no access to the Azure Portal - are able to get more information and troubleshoot potential issues.
Let's use a linux virtual machine to get information from the metadata service!
To get the data from the service, a simple HTTP call is all that is required. However, there are a couple of things to keep in mind.
First, although we are using Automatic Private IP Addressing, we have to include the "Metadata" header so that the service won't mistake our call for a call that may be the result of a redirection.
Second, the version of the API to use must be provided in every request. To get the allowed values, simply call the service without the "api-version" parameter and it should return a list of values:
Now that we have a value for the version of the api to use, let's get some data about our machine:
Although we have the data, it's not so easy to read. Let's prettify it using Python:
Much better! We now have information about the Azure subscription, the size of the machine, the networking resources and many more!
From a Windows machine now, the place of curl is taken by the "Invoke-RestMethod" cmdlet. Again, we add the metadata header and the version of the API to use and convert the data to JSON to be human readable:
More information on the Azure Metadata Service can be found here.
I hope this helps all the administrators that don't have access to the virtual machines!
Let's use a linux virtual machine to get information from the metadata service!
To get the data from the service, a simple HTTP call is all that is required. However, there are a couple of things to keep in mind.
First, although we are using Automatic Private IP Addressing, we have to include the "Metadata" header so that the service won't mistake our call for a call that may be the result of a redirection.
Second, the version of the API to use must be provided in every request. To get the allowed values, simply call the service without the "api-version" parameter and it should return a list of values:
curl -H Metadata:true "http://169.254.169.254/metadata/instance"
Now that we have a value for the version of the api to use, let's get some data about our machine:
curl -H Metadata:true "http://169.254.169.254/metadata/instance?api-version=2017-08-01"
Although we have the data, it's not so easy to read. Let's prettify it using Python:
curl -H Metadata:true "http://169.254.169.254/metadata/instance?api-version=2017-08-01" | python -m json.tool
Much better! We now have information about the Azure subscription, the size of the machine, the networking resources and many more!
From a Windows machine now, the place of curl is taken by the "Invoke-RestMethod" cmdlet. Again, we add the metadata header and the version of the API to use and convert the data to JSON to be human readable:
Invoke-RestMethod -Headers @{"Metadata"="true"} http://169.254.169.254/metadata/instance?api-version=2019-06-01 -Method Get | % Compute | ConvertTo-Json
More information on the Azure Metadata Service can be found here.
I hope this helps all the administrators that don't have access to the virtual machines!