Expand launch config customizations

[mheffner]

what

• This allows more settings of the launch config to be customized

why

• Allows public IP association of nodes to be configured (default: use subnet settings)
• User can disable detailed monitoring ($$)
• Customize metadata endpoint, including support for enabling IMDSv2

references

• Added to support addressing Launch template doesn't assign public IPv4 address terraform-aws-tailscale#11

[gberenice]

@mheffner thanks a lot for contributing to this module!
I have a bunch of naming suggestions to fit our naming practices, and also a question regarding associate_public_ip_address value.
Appreciate if you run terraform fmt against this configuration as well! 🙏

[gberenice]

Could you please add a variable to support both options?

[gberenice]

Suggested change

	http_protocol_ipv6 = var.metadata_ipv6 ? "enabled" : "disabled"
	http_protocol_ipv6 = var.http_protocol_ipv6_enabled ? "enabled" : "disabled"

[gberenice]

Suggested change

	http_tokens = var.enable_imdsv2 ? "required" : "optional"
	http_tokens = var.imdsv2_enabled ? "required" : "optional"

[gberenice]

Suggested change

	variable "metadata_ipv6" {
	variable "http_protocol_ipv6_enabled" {

[gberenice]

Suggested change

	variable "enable_imdsv2" {
	variable "imdsv2_enabled" {

[gberenice]

Suggested change

	description = "Enable IMDSv2"
	description = <<-EOT
	Whether or not the metadata service requires session tokens,
	also referred to as Instance Metadata Service Version 2 (IMDSv2).
	EOT

[gberenice]

Suggested change

	enabled = var.detailed_monitoring
	enabled = var.monitoring_enabled

[gberenice]

Suggested change

	variable "detailed_monitoring" {
	variable "monitoring_enabled" {

[gberenice]

I'm not sure this would work, see the doc:

Boolean value, can be left unset.

Could you please elaborate on the default fall back to the subnet setting?

[mheffner]

So I believe it's Terraform v0.12+ allows setting null to represent unset. I used default = null here to keep the default as the unset option and not require a user to set this variable.

My understanding is that if this isn't set, it'll use the property of the subnet on whether to assign a public IP address. We have public and private subnets in our VPC, on our public subnets they have "Associate public IPv4 address" set to true. When I tried this change with null, the nodes came up with a public IP address. I haven't tried using it in our private subnets, but my guess is they would not get a public IP there.

[gberenice]

Thank you for clarifying! That makes sense.
Yeah, I see now that this attribute has type nullable.TypeNullableBool in the provider, and allows to set the attribute to null explicitly.

[mheffner]

@gberenice sounds good and thanks for looking. I'll take a look at the changes. I could have sworn I setup Goland to run fmt, but I'll have to double check 😄

[mheffner]

I pushed name changes to the variables and made sure fmt ran this time. I maintained "metadata_" prefixes for the variable options related to the metadata endpoint, since it felt like they could be confusing as top-level variables without it.

[gberenice]

@mheffner LGTM, thanks for your contribution 💯