AWS Certified Advanced Networking - Specialty (#42)

Your security team implements a host-based firewall on all of your Amazon Elastic Compute Cloud (EC2) instances to block all outgoing traffic. Exceptions must be requested for each specific requirement. Until you request a new rule, you cannot access the instance metadata service. Which firewall rule should you request to be added to your instances to allow instance metadata access?

Inbound; Protocol tcp; Source [Instance’s EIP]; Destination 169.254.169.254
Inbound; Protocol tcp; Destination 169.254.169.254; Destination port 80
Outbound; Protocol tcp; Destination 169.254.169.254; Destination port 80
Outbound; Protocol tcp; Destination 169 .254.169.254; Destination port 443