
If users can issue arbitrary commands on an instance, then that instance should have zero IAM roles and should delegate actions to services running on separate instances.

The instances hosting our users go a step further and null-route metadata service requests via iptables.



It isn't just about users; it's also about malicious software you may accidentally install, if, for example, a library you use is compromised, as has happened before with Ruby gems.
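An added example, not from the thread: a Python audit of `iptables-save` output that checks whether the null route described in the first comment applies to every local process, which is what the compromised-library case in the reply requires. The address 169.254.169.254 (the EC2 metadata service) and both sample rulesets are assumptions constructed for illustration.

```python
import ipaddress
import shlex

# Assumption: the EC2 metadata service address; the thread does not state it.
METADATA_IP = ipaddress.ip_address("169.254.169.254")

# Constructed sample: block applies to all local processes.
GLOBAL_RULE = """*filter
:OUTPUT ACCEPT [0:0]
-A OUTPUT -d 169.254.169.254/32 -j DROP
COMMIT
"""

# Constructed sample: block only covers one UID, so software running
# under any other account can still reach the metadata service.
PER_USER_RULE = """*filter
:OUTPUT ACCEPT [0:0]
-A OUTPUT -d 169.254.169.254/32 -m owner --uid-owner 1000 -j DROP
COMMIT
"""

def metadata_blocked(ruleset: str) -> bool:
    """Return True only if the filter OUTPUT chain drops or rejects metadata
    traffic for every local process before any rule could accept it.
    Conservative: any earlier ACCEPT that might match counts as a failure,
    and user-defined chains are not followed."""
    table, policy = None, "ACCEPT"
    for line in ruleset.splitlines():
        line = line.strip()
        if line.startswith("*"):
            table = line[1:]
        elif table == "filter" and line.startswith(":OUTPUT "):
            policy = line.split()[1]
        elif table == "filter" and line.startswith("-A OUTPUT "):
            dest, target, scoped = "0.0.0.0/0", None, False
            tokens = iter(shlex.split(line)[2:])
            for tok in tokens:
                if tok == "-d":
                    dest = next(tokens)
                elif tok == "-j":
                    target = next(tokens)
                    break  # what follows are target options, not matches
                else:
                    scoped = True  # -p, -m owner, -o, "!" narrow the rule
            if METADATA_IP not in ipaddress.ip_network(dest, strict=False):
                continue
            if target == "ACCEPT":
                return False  # metadata traffic may be let through first
            if target in ("DROP", "REJECT") and not scoped:
                return True
    return policy == "DROP"
```

Feed it the text of `iptables-save` from the instance; a `False` result means the ruleset needs manual review, not necessarily that the metadata service is reachable.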



