Feature Overview (aka. Goal Summary)

Enhance EC2 Instance Metadata Service (IMDS) configurability for HCP node pools, allowing customers to leverage AWS account-level IMDS defaults while providing options for granular, instance-level control when needed.

Goals (aka. expected user outcomes)

• Enable cluster administrators to rely on their AWS account+region level IMDS settings by default for HCP node pools.
• Provide cluster service consumers with the ability to configure IMDS settings (v2-optional or v2-required) at the node pool level when more granular control is required.
• Align HCP IMDS configuration capabilities with those of standalone OCP clusters.

Requirements (aka. Acceptance Criteria):

• By default, HCP should not set any specific IMDS version, allowing AWS account+region level settings to take effect.
• Implement an API option to configure IMDS at the node pool level with choices: no setting (use AWS account default), IMDSv2-optional, or IMDSv2-required.
• Ensure that IMDS settings are correctly applied and maintained during node creation, autoscaling, and auto-healing scenarios.
• Provide clear documentation on IMDS configuration options and their implications.
• Implement appropriate error handling and user feedback for IMDS configuration attempts.
• Ensure backward compatibility with existing HCP clusters and node pools.
• Performance impact of IMDS configuration changes should be minimal.
• Security considerations: Ensure that IMDS configuration changes do not introduce vulnerabilities.

Use Cases (Optional):

1. Default behavior: Cluster service consumer creates an HCP node pool without specifying IMDS settings, and instances inherit AWS account-level defaults.
2. Granular control: Cluster service consumer configures a node pool to use IMDSv2-required for enhanced security.
3. Mixed configuration: Cluster service consumer creates multiple node pools with different IMDS settings based on workload requirements.

Questions to Answer (Optional):

1. How will changing IMDS settings affect existing nodes in a node pool?
2. What's the impact on applications that may rely on specific IMDS versions?
3. How do we handle scenarios where AWS account settings change after node pool creation?

Out of Scope

• Modifying AWS account-level IMDS settings
• Configuring IMDS settings for non-EC2 instance types
• Automatic migration of existing clusters to new IMDS configuration options

Background 

AWS has[ introduced account-level defaults|https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#set-imdsv2-account-defaults] for IMDS settings, and many enterprises are moving towards requiring IMDSv2 for enhanced security. HCP needs to adapt to these changes while maintaining flexibility for various customer needs.

Customer Considerations

• Ensure smooth transition for customers who may be relying on current IMDS behavior
• Provide clear guidance on security implications of different IMDS configurations
• Consider impact on customers with mixed environments (different AWS accounts with different IMDS defaults)

Documentation Considerations

• Update HCP documentation to explain new default behavior and configuration options
• Provide examples of common IMDS configuration scenarios
• Include troubleshooting guide for IMDS-related issues
• Link to AWS documentation on IMDS best practices