added section on IMDS version to the readme

Author: stefanmoser

deps/rabbitmq_aws/README.md

@@ -34,7 +34,16 @@ The credentials values have the following precedence:
  - Environment variables
  - Credentials file
  - EC2 Instance Metadata Service
- 
+
+### EC2 Instance Metadata Service Versions
+
+There are two versions of the EC2 Instance Metadata Service that are available by default on EC2 instances; IMDSv1 and IMDSv2 which is protected by session authencation
+and [adds defenses against aditional vulnerabilities](https://aws.amazon.com/blogs/security/defense-in-depth-open-firewalls-reverse-proxies-ssrf-vulnerabilities-ec2-instance-metadata-service/).
+AWS recommends adopting IMDSv2 and disabling IMDSv1 [by configuring the Instance Metadata Service on the EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html).
+
+By default *rabbitmq-aws* will attempt to use IMDSv2 first and will fallback to use IMDSv1 if calls to IMDSv2 fail. This behavior can be overridden
+by setting the ``aws_prefer_imdsv2`` setting to ``false``.
+
 ### Environment Variables
 
 As with the AWS CLI, the following environment variables can be used to provide 
@@ -67,7 +76,7 @@ configuration or to impact configuration behavior:
 ## Example Usage
 
 The following example assumes that you either have locally configured credentials or that
-you're using the AWS Instance Metadata service for credentials:
+you're using the EC2 Instance Metadata Service for credentials:
 
 ```erlang
 application:start(rabbitmq_aws).