feat: IMDSv2 metadata configuration in Launch Templates (#938)

NOTES: Addition of the IMDSv2 metadata configuration block to Launch Templates will cause a diff to be generated for existing Launch Templates on first Terraform apply. The defaults match existing behaviour.

README.md

@@ -135,7 +135,7 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a
 | Name | Version |
 |------|---------|
 | terraform | >= 0.12.9 |
-| aws | >= 2.52.0 |
+| aws | >= 2.55.0 |
 | kubernetes | >= 1.11.1 |
 | local | >= 1.4 |
 | null | >= 2.1 |
@@ -146,7 +146,7 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a
 
 | Name | Version |
 |------|---------|
-| aws | >= 2.52.0 |
+| aws | >= 2.55.0 |
 | kubernetes | >= 1.11.1 |
 | local | >= 1.4 |
 | null | >= 2.1 |

local.tf

@@ -85,6 +85,9 @@ locals {
     eni_delete                           = true                                     # Delete the Elastic Network Interface (ENI) on termination (if set to false you will have to manually delete before destroying)
     cpu_credits                          = "standard"                               # T2/T3 unlimited mode, can be 'standard' or 'unlimited'. Used 'standard' mode as default to avoid paying higher costs
     market_type                          = null
+    metadata_http_endpoint               = "enabled"  # The state of the metadata service: enabled, disabled.
+    metadata_http_tokens                 = "optional" # If session tokens are required: optional, required.
+    metadata_http_put_response_hop_limit = null       # The desired HTTP PUT response hop limit for instance metadata requests.
     # Settings for launch templates with mixed instances policy
     override_instance_types                  = ["m5.large", "m5a.large", "m5d.large", "m5ad.large"] # A list of override instance types for mixed instances policy
     on_demand_allocation_strategy            = null                                                 # Strategy to use when launching on-demand instances. Valid values: prioritized.

versions.tf

@@ -2,7 +2,7 @@ terraform {
   required_version = ">= 0.12.9"
 
   required_providers {
-    aws        = ">= 2.52.0"
+    aws        = ">= 2.55.0"
     local      = ">= 1.4"
     null       = ">= 2.1"
     template   = ">= 2.1"

workers_launch_template.tf

@@ -278,6 +278,24 @@ resource "aws_launch_template" "workers_launch_template" {
     )
   )
 
+  metadata_options {
+    http_endpoint = lookup(
+      var.worker_groups_launch_template[count.index],
+      "metadata_http_endpoint",
+      local.workers_group_defaults["metadata_http_endpoint"],
+    )
+    http_tokens = lookup(
+      var.worker_groups_launch_template[count.index],
+      "metadata_http_tokens",
+      local.workers_group_defaults["metadata_http_tokens"],
+    )
+    http_put_response_hop_limit = lookup(
+      var.worker_groups_launch_template[count.index],
+      "metadata_http_put_response_hop_limit",
+      local.workers_group_defaults["metadata_http_put_response_hop_limit"],
+    )
+  }
+
   credit_specification {
     cpu_credits = lookup(
       var.worker_groups_launch_template[count.index],