feat: relax cpu_options schema and add amd_sev_snp + nested_virtualization support

[brilong]

Summary

This PR updates the module’s CPU options plumbing to support newer EC2 Launch Template cpu_options fields (notably nested_virtualization and amd_sev_snp) while also making CPU topology settings optional so users aren’t forced to specify core_count/threads_per_core just to enable other CPU options.

Motivation / Problem

When configuring runners via multi-runner, the cpu_options object currently requires core_count and threads_per_core. This blocks use-cases where users want to set only newly-supported provider fields like nested_virtualization without also pinning CPU topology. AWS itself treats these settings as optional and instance-type-dependent.

What changed

• Relaxed the cpu_options object type so these fields are optional:
  • core_count
  • threads_per_core
• Added optional support for:
  • nested_virtualization (valid: enabled / disabled)
  • amd_sev_snp (valid: enabled / disabled)
• Added validation on amd_sev_snp and nested_virtualization to restrict values to enabled|disabled when set.
• Launch template wiring: updated the aws_launch_template cpu_options block to pass through amd_sev_snp and nested_virtualization (using try(..., null) so unset values remain unset).
• Multi-runner schema updated so per-runner cpu_options can include the new fields and no longer forces core_count/threads_per_core.

Compatibility / Notes

• Existing configurations that set core_count and threads_per_core continue to work.
• Users can now set nested_virtualization or amd_sev_snp without specifying CPU topology.
• AWS will still enforce instance-type support at API time (e.g., nested virt only on supported 8th-gen Intel families; SEV-SNP only on supported AMD families).

Testing

• terraform init
• terraform validate
• terraform plan with cpu_options.nested_virtualization = "enabled" on supported instance families

  instance_types:
    - c8i.xlarge
    - m8i.xlarge
    - r8i.xlarge
  cpu_options:
    nested_virtualization: enabled

Fixes #5040

[brilong]

 aws ec2 describe-launch-template-versions \                                                                                                                                                               
  --launch-template-name u24-nv-xl-amd64-runner \
  --versions '$Latest' \
  --query 'LaunchTemplateVersions[0].LaunchTemplateData.CpuOptions' \
  --output json
{
    "NestedVirtualization": "enabled"
}

[Brend-Smits]

Hey @brilong
Great feature! Thanks a lot for the contribution.
I've tested this change and reviewed it together with @stuartp44
I've pushed some small commits to update the terraform modules and reformatted some code to make the linters happy...

From my perspective this is good to get merged now!

[Brend-Smits]

Small comment, I notice that your (@brilong) commits don't have verified signatures.. This prevents us from merging the pull request. Could you please rebase your PR and make sure the commits are signed?
If you aren't able to do this, please let me know so I can rebase the commits and rewrite it and sign it.

[brilong]

@Brend-Smits I believe I have properly signed and verified my commits. Please take a look at let me know if you need anything else. Thank you!

[Brend-Smits]

@Brend-Smits I believe I have properly signed and verified my commits. Please take a look at let me know if you need anything else. Thank you!

Thanks Brian! I've approved the PR, now waiting for @npalm to merge this.

[brilong]

@npalm How does this look now? I updated the provider constraints to >= 6.33 in multiple places, both examples and module code.

[brilong]

Hello @Brend-Smits, are you waiting on me for anything else? Thanks.

[Brend-Smits]

Good from my point of view. Can we merge this now @npalm ?

[nacef3005]

Really need this change in my use case.