kubernetes-sigs / aws-load-balancer-controller

A Kubernetes controller for Elastic Load Balancers
https://kubernetes-sigs.github.io/aws-load-balancer-controller/
Apache License 2.0

Installing `TargetGroupBinding` on IMDSv2 Requires Setting Hop Limit to 3 #3740

Closed hakenmt closed 2 weeks ago

hakenmt commented 2 weeks ago

Describe the bug

I'm installing a TargetGroupBinding on EKS optimized AMIs via CDK and it fails with an error:

```
Error from server (Forbidden): error when creating "/tmp/manifest.yaml": admission webhook "mtargetgroupbinding.elbv2.k8s.aws" denied the request: unable to get target group IP address type: NoCredentialProviders: no valid providers in chain. Deprecated.\n\tFor verbose messaging see aws.Config.CredentialsChainVerboseErrors
```

Steps to reproduce

Deploy on a base EKS cluster, v1.30, using aws-load-balancer-controller v2.8.1 via Helm chart. AMI ID amazon-eks-node-al2023-arm64-standard-1.30-v20240605.

Expected outcome

The documentation should state that for this application the hop limit needs to explicitly be set to 3 instead of the standard value of 2.

Environment

hakenmt commented 2 weeks ago

Sorry, I just figured out the default on this AMI has the hop limit set to 1, not 2 as indicated in some places. May be worth indicating that either the hop limit needs to be set to 2 or show an example of how to use pod identity with the load balancer controller.

oliviassss commented 2 weeks ago

@hakenmt, thanks for raising this issue. Please check this comment: https://github.com/kubernetes-sigs/aws-load-balancer-controller/issues/3695#issuecomment-2151502349. Closing for duplicate.
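
An added example, not part of the thread or the project's code: a Python check over `aws ec2 describe-instances` JSON that reports, from each instance's `HttpPutResponseHopLimit` and `HttpTokens`, whether a pod can obtain credentials from IMDS; `blocked` is the hop-limit-1 state reported above. The instance IDs and sample data are constructed, and `pod_hops=1` (a pod in its own network namespace adds one hop) is an assumption.

```python
import json

# Constructed sample shaped like `aws ec2 describe-instances` output (IDs are made up).
SAMPLE = json.loads("""
{"Reservations": [{"Instances": [
  {"InstanceId": "i-0example00000001", "MetadataOptions":
    {"HttpEndpoint": "enabled", "HttpTokens": "required", "HttpPutResponseHopLimit": 1}},
  {"InstanceId": "i-0example00000002", "MetadataOptions":
    {"HttpEndpoint": "enabled", "HttpTokens": "required", "HttpPutResponseHopLimit": 2}},
  {"InstanceId": "i-0example00000003", "MetadataOptions":
    {"HttpEndpoint": "enabled", "HttpTokens": "optional", "HttpPutResponseHopLimit": 1}}
]}]}
""")


def pod_imds_verdict(opts, pod_hops=1):
    """Classify IMDS reachability for a pod `pod_hops` hops away from the node.

    pod_hops=1 is an assumption (pod in its own network namespace);
    a hostNetwork pod would be pod_hops=0.
    """
    if opts.get("HttpEndpoint") != "enabled":
        return "imds-disabled"
    limit = opts.get("HttpPutResponseHopLimit", 1)
    if limit >= 1 + pod_hops:
        return "reachable"
    # The hop limit applies to the IMDSv2 token PUT response only, so a
    # client can still fall back to IMDSv1 when tokens are optional.
    if opts.get("HttpTokens") != "required":
        return "reachable-imdsv1-only"
    return "blocked"


def audit(describe_output, pod_hops=1):
    """Return (instance id, hop limit, verdict) for every instance in the JSON."""
    rows = []
    for reservation in describe_output.get("Reservations", []):
        for inst in reservation.get("Instances", []):
            opts = inst.get("MetadataOptions", {})
            rows.append((inst["InstanceId"],
                         opts.get("HttpPutResponseHopLimit"),
                         pod_imds_verdict(opts, pod_hops)))
    return rows


if __name__ == "__main__":
    for instance_id, limit, verdict in audit(SAMPLE):
        print(f"{instance_id} hop_limit={limit} {verdict}")
```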