How to address the below error: 

https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0997723

AWS Cloud Discovery with instance profile / IAM Role fails if IMDSv2 is used - agent logs.

03/10/22 18:50:50 (569) Worker-Standard:APIProxyProbe-1XXXXXXXXXXXXXXXXXXXXfa SEVERE *** ERROR *** resolveCredentialFromIAMInstanceProfile: Error Code : '3', Error Message : 'Method failed: (/latest/meta-data/iam/info) with code: 401 - Invalid username/password combo'
03/10/22 18:50:50 (616) Worker-Standard:APIProxyProbe-1XXXXXXXXXXXXXXXXXXXXfa SEVERE *** ERROR *** resolveCredentialFromIAMInstanceProfile: Was not able to obtain requested information for Discovery_Role
03/10/22 18:50:50 (616) Worker-Standard:APIProxyProbe-1XXXXXXXXXXXXXXXXXXXXfa SEVERE *** ERROR *** resolveCredentialFromIAMInstanceProfile: Error Code : '3', Error Message : 'Method failed: (/latest/meta-data/iam/info) with code: 401 - Invalid username/password combo'
03/10/22 18:50:50 (616) Worker-Standard:APIProxyProbe-1XXXXXXXXXXXXXXXXXXXXfa SEVERE *** ERROR *** resolveCredentialFromIAMInstanceProfile: Was not able to obtain requested information for Discovery_Role

You can use the modify-instance-metadata-options CLI command with http-tokens set to optional to restore the use of IMDSv1 when requesting instance metadata.

aws ec2 modify-instance-metadata-options \
    --instance-id i-1234567898abcdef0 \
    --http-tokens optional \
    --http-endpoint enabled
Live Steps: You can run them on the console.
describe what we have on Instance 
1.aws ec2 describe-instances \--instance-ids i-xxxxxxxxxxx9

How to make sure IMDSV2 is optional on ec2 instance
2. aws ec2 modify-instance-metadata-options --instance-id i-xxxxxxxxxxx9 --http-tokens optional --http-endpoint enabled

This will allow cloud discovery to work as expected if it is throwing IMDSV2 error.