scope support for AWS deployments that have IMDSv1 disabled (GEO group)

Proposal

AWS is starting to recommend that their customers disable IMDSv1, for example EKS.

Customers who deploy GitLab with IMDSv1 disabled are likely to have a bad experience as some functionality will work, some functionality will not.

It is unclear which GitLab capabilities depend on IMDS for functionality in AWS, such as obtaining IAM credentials.

A non exhaustive list within groupgeo:

• Backups to object storage. Consolidated object storage configuration can’t be used for backups. Does it otherwise use the same components as the rest of Rails, ie: would this work because of the Fog update in %13.7?

---

This is one of a number of issues around GitLab support for deployments with only IMDSv2 enabled. For more information see the description and comments in: #334160

---

Proposal

Scope which GitLab components owned by groupgeo use IMDS but won't work with IMDSv1 disabled.

Links to related issues and merge requests / references

• Parent issue: #334160
• Rails - Fog update to v3.6.7 Issue: #287816 (closed), MR (13.7): !48519 (merged)