RaJiska
commented
4 months ago IMDSv2 has already been added through https://github.com/RaJiska/terraform-aws-fck-nat/pull/16.
Version 1.2.0 currently does not have those changes as they are only committed to the master branch without having gotten an actual release. I will make sure to make a new release either either this week or next week so that newest features are available without having to use master branch which can be rather unstable.
As for the content of your PR, any reason why you set http_put_response_hop_limit to 2? In this case it shouldn't be necessary.
i am not sure why imdsv2 is showing optional instead of required, i am using the v1.2.0 on terraform registry, although limiting the number of network hops for the PUT responses would reduce SSRF attacks for the ec2.
or will this impact the networking config of fck-nats?