https://book.hacktricks.xyz/pentesting-web/ssrf-server-side-request-forgery/cloud-ssrf
https://github.com/Prinzhorn/cloud-metadata-services
SSRF -> EC2 Metadata API -> IAM临时Security Token -> AWS SSM -> RCE
SSRF -> EC2 Metadata API -> IAM临时Security Token -> AWS Lambda -> RCE
SSRF -> EC2 Metadata API -> IAM临时Security Token -> AWS S3 -> 信息泄漏
RCE -> EC2 Metadata API -> IAM临时Security Token -> AWS EC2/S3/Lambda
RCE -> EC2 Metadata API -> EC2 Userdata -> 敏感凭证 -> 其他EC2或者云服务