Add option for disable legacy imds endpoints - security issue

[VAdamec]

Description

Possibility / new default for any instance in OCI - imdsv2 only

Use Case(s)

As IMDSv1 is unsecure we need to enforce v2 only

Potential configuration

    instance_options {
      are_legacy_imds_endpoints_disabled = "true
    }

GO SDK - core/instance_configuration_instance_options.go

...
AreLegacyImdsEndpointsDisabled *bool `mandatory:"false" json:"areLegacyImdsEndpointsDisabled"`
...

[VAdamec]

Workaround for now (sample only)

provisioner "shell-local"{
        environment_vars = ["INSTANCE_ID=${build.ID}"]
        execute_command = ["sh", "-c", "{{.Vars}} {{.Script}}"]
        scripts = ["script/bugfixer.sh"]
    }

and

# script/bugfixer.sh
oci compute instance update --region=${REGION} \
--instance-options '{"areLegacyImdsEndpointsDisabled": "true"}' \
--force --instance-id ${INSTANCE_ID}

[yugalarora]

This is resolved now by #137