Kubernetes 1.24 changed the way serviceaccounttokens are presented by default on the cluster itself. If you need to retrieve the token, you mostly use a secret for this. This guide shows how to do this in kubernetes >= 1.24.
Writing terraform makes it easy to split code into modules. To avoid setting default values on each layer of the stack, use nullable to provide a way to fallback to the module's own default value.