chef-automate provision is failing for AMI images with IMDSv2 #7982

Merged
merged 5 commits into from
Jun 23, 2023


@Sunanda-Boorla Sunanda-Boorla commented Jun 21, 2023

🔩 Description: What code changed, and why?

  1. Chef-automate provisioning fails if AMI images use IMDSv2, so the Terraform code was modified to access metadata fields by passing a metadata token in the header.
  2. All the instances created will now use IMDSv2.
  3. To access metadata fields (e.g. local-ipv4), a metadata token is generated and passed in the headers.

⛓️ Related Resources

https://chefio.atlassian.net/browse/CHEF-3495

👍 Definition of Done

Chef-automate provision will be successful

👟 How to Build and Test the Change

  1. git checkout this branch
  2. hab studio enter
  3. rebuild components/automate-cluster-ctl/
  4. rebuild components/automate-backend-deployment/
  5. upload these packages to your origin and the packages in your manifest.json. Create a bundle
  6. chef-automate provision-infra config.toml --airgap-bundle <path/to/aib>
  7. chef-automate deploy config.toml --airgap-bundle <path/to/aib>

AWS MANAGED and NON-MANAGED:
Testing scenarios:

  1. ubuntu 20.04 with IMDSv1 bastion and with metadata changes
  2. ubuntu 20.04 with IMDSv1 bastion and bundle of old [without metadata changes] and upgrade to new bundle [with metadata changes]
  3. ubuntu 20.04 with IMDSv2 bastion and with metadata changes
  4. amazon linux 2 with IMDSv1 bastion and with metadata changes
  5. amazon linux 2 with IMDSv1 bastion and bundle of old [without metadata changes] and upgrade to new bundle [with metadata changes]
  6. amazon linux 2 with IMDSv2 bastion and with metadata changes
  7. Backup-restore in all the above cases
  8. node add/remove

✅ Checklist

All PRs must tick these:

With occasional exceptions, all PRs from Progress employees must tick these:

  • Is the code clear? (complicated code or lots of comments--subdivide and use well-named methods, meaningful variable names, etc.)
  • Consistency checked? (user notifications, user prompts, visual patterns, code patterns, variable names)
  • Repeated code blocks eliminated? (adapt and reuse existing components, blocks, functions, etc.)
  • Spelling, grammar, typos checked? (at a minimum use make spell in any component directory)
  • Code well-formatted? (indents, line breaks, etc. improve rather than hinder readability)

All PRs from Progress employees should tick these if appropriate:

  • Tests added/updated? (all new code needs new tests)
  • Docs added/updated? (all customer-facing changes)

Please add a note next to any checkbox above if you are NOT ticking it.

📷 Screenshots, if applicable

Security hub issue resolved for IMDSv2:
image

Demo videos:

Amazon linux 2 IMDSv1 with metadata changes

Amazon linux 2 IMDSv2 with metadata changes

Amazon linux 2 Upgrade scenario

Amazon linux 3 IMDSv2 AMI

Ubuntu 20.04 IMDSv2 with metadata changes

Ubuntu 20.04 IMDSv1 with metadata changes

Ubuntu 20.04 Upgrade scenario


netlify bot commented Jun 21, 2023

👷 Deploy Preview for chef-automate processing.

Name Link
🔨 Latest commit 8d3ca91
🔍 Latest deploy log https://app.netlify.com/sites/chef-automate/deploys/6495584a87aee300080f93de

@Sunanda-Boorla changed the title from "[WIP] chef-automate provision is failing for AMI images with IMDSv2" to "chef-automate provision is failing for AMI images with IMDSv2" on Jun 22, 2023
Signed-off-by: Sunanda-Boorla <sboorla@progress.com>
@sonarqube-for-infrastructure-prod

SonarQube Quality Gate

Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information
No Duplication information

@punitmundra punitmundra merged commit 1cdf9f1 into main Jun 23, 2023
@punitmundra punitmundra deleted the CHEF-3495 branch June 23, 2023 10:58
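
Added example (not code from this pull request or the Chef Automate repository): the IMDSv2 flow the description refers to, where a session token is requested first and then passed in a header to read a field such as local-ipv4. The function names and the IMDS_BASE / IMDS_TTL variables are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the PR): IMDSv2 session-token flow for reading
# instance metadata. IMDS_BASE and IMDS_TTL are assumed, overridable names.
IMDS_BASE="${IMDS_BASE:-http://169.254.169.254}"
IMDS_TTL="${IMDS_TTL:-21600}"   # token lifetime in seconds (6 hours)

# Step 1: PUT to the token endpoint with the TTL header; prints the token.
imds_token() {
  curl -sS -f --max-time 2 -X PUT \
    -H "X-aws-ec2-metadata-token-ttl-seconds: ${IMDS_TTL}" \
    "${IMDS_BASE}/latest/api/token"
}

# Step 2: GET a metadata field (for example local-ipv4) with the token in
# the request header. The body runs in a subshell so variables stay local.
# Fails closed: if no token can be obtained there is no tokenless retry.
imds_get() (
  field="$1"
  [ -n "$field" ] || { echo "usage: imds_get <field>" >&2; exit 2; }
  token="$(imds_token)" || { echo "IMDSv2 token request failed" >&2; exit 1; }
  [ -n "$token" ] || { echo "empty IMDSv2 token" >&2; exit 1; }
  curl -sS -f --max-time 2 \
    -H "X-aws-ec2-metadata-token: ${token}" \
    "${IMDS_BASE}/latest/meta-data/${field}"
)
```

The same two-step request also succeeds on instances that still allow IMDSv1, because the token endpoint is served whenever the metadata service is enabled.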