[AWS:EKS:Nodegroup] - [BUG] - CloudControl sends invalid update request when using a Nodegroup with custom Launch Template

[flostadler]

trafficstars

Name of the resource

AWS::EKS::Nodegroup

Resource Name

No response

Issue Description

Users can customize EKS Nodegroups with launch templates (see AWS docs).

When setting a custom AMI in the launch template, the UpdateNodegroupVersion API call must not include the following properties (see AWS docs):

• amiType
• releaseVersion
• version

But CloudControl includes them. The consequence is that those node groups cannot be updated.

Expected Behavior

When the launch template associated with a node group sets a custom AMI, the UpdateNodegroupVersion API call should not include:

• amiType
• releaseVersion
• version

You can detect if a custom AMI is used in the launch template by checking the node groups amiType property. That one is set to CUSTOM in that case.

Observed Behavior

The CloudControl UpdateResource call fails:

{
    "ProgressEvent": {
        "TypeName": "AWS::EKS::Nodegroup",
        "Identifier": "eks-1747-8c81e17/managed-nodes-d526726",
        "RequestToken": "acd85058-a6a5-4858-80bd-8288d36839c1",
        "Operation": "UPDATE",
        "OperationStatus": "FAILED",
        "EventTime": "2024-10-02T13:27:15.678000+02:00",
        "StatusMessage": "You cannot specify the field releaseVersion when using custom AMIs. (Service: Eks, Status Code: 400, Request ID: f1b163cc-5732-419e-96cf-150fe1ea3184)",
        "ErrorCode": "InvalidRequest"
    }
}

Test Cases

• EKS node group with custom launch template.
• The launch template specifies an AMI ID to use for the nodes
• Update the AMI ID in the launch template to use a newer version
• Update the node group to use the updated launch template <- fails

I attached details about the node group and launch template configuration I was using so you can reproduce it: launch_template.json nodegroup.json

Other Details

No response