feat!: Raise minimum required Terraform version to 1.0+

[bryantbiggs]

Description

• Raise minimum required Terraform version to 1.0+
• Add support for ignoring changes to the instances AMI ID; this does not apply to the spot instance since that is less applicable to living for a long duration
• Update default metadata_options to enforce IMDSv2 for stronger security posture
• Update t-type logic to account for t4g instance type

Motivation and Context

• Resolves Allow AMI change to be ignored #325
• Resolves bump versions.tf for module 4.3.1 #330

Breaking Changes

• Yes

How Has This Been Tested?

• I have updated at least one of the examples/* to demonstrate and validate my change(s)
• I have tested and validated these changes using one or more of the provided examples/* projects
• I have executed pre-commit run -a on my pull request

[antonbabenko]

I see you like to have copy-paste just to have this use-case covered :)

[bryantbiggs]

Its such a bad hack! @AdamTylerLynch use your influence to help us avoid having to use these ugly hacks 🙏🏽 😬 There are valid use cases where you want to initialize a value and then forget it, but we cannot do that in Terraform in a clean way currently (nor give users the ability to specify which values they wish to ignore which means we have to pick and choose which ones we are going to hardcode into the module)

[antonbabenko]

Minor comments here and there.

[antonbabenko]

This should be reverted (in both resources) because var.ephemeral_block_device is a list.

[bryantbiggs]

whoops, ya I tried to use this and forgot we had it as a list. Looks like I only corrected the EBS block device, I'll revert all of these each.keys

[antonbabenko]

Probably try() here and in all (or almost all other places in this file), too.

[bryantbiggs]

I suspect we'll have users who are wrapping this module in their own module, so I avoided converting any arguments that might be passed as computed attributes to try() to avoid https://github.com/clowdhaus/terraform-for-each-unknown

So any of the kms_key_id, snapshot_id, network_interface_id, etc. I left as lookup()s so that they don't throw the unknown computed value error when wrapped in another module

[antonbabenko]

LGTM

[antonbabenko]

This PR is included in version 5.0.0 🎉

[dhoppe]

@bryantbiggs Has this been tested with the new variable ignore_ami_changes? I get the following error message, but only if the value of this variable is set to true.

╷
│ Error: Output refers to sensitive values
│
│   on outputs.tf line 146:
│  146: output "ami" {
│
│ To reduce the risk of accidentally exporting sensitive data that was
│ intended to be only internal, Terraform requires that any root module
│ output containing sensitive data be explicitly marked as sensitive, to
│ confirm your intent.
│
│ If you do intend to export this data, annotate the output value as
│ sensitive by adding the following argument:
│     sensitive = true
╵
`´´

[github-actions]

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.