IMDS v2 (Instance Metadata Service) introduced session authentication tokens which improve security when talking to IMDS.
aws_instance resource sets IMDS session auth tokens to be optional.
To fully protect IMDS you need to enable session tokens by using
metadata_options block and its
http_tokens variable set to
The following example will fail the AWS079 check.
The following example will pass the AWS079 check.