AWS-UpdateEKSManagedNodegroupVersion - Amazon Systems Manager Automation runbook reference
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS-UpdateEKSManagedNodegroupVersion

Description

This runbook updates managed node groups in your Amazon EKS cluster to the latest AMI version. For more information about this update process, see Updating a managed node group in the Amazon EKS User Guide. We also recommend that you review the following topics before you use the AWS-UpdateEKSManagedNodegroupVersion runbook.

If your cluster uses autoscaling, scale the deployment down to zero replicas to avoid conflicting scaling actions.

To scale a deployment to zero replicas

  1. Install the Kubernetes command line utility, kubectl . For more information, see Installing kubectl in the Amazon EKS User Guide.

  2. Run the following command.

    kubectl scale deployments/cluster-autoscaler --replicas=0 -n kube-system

  3. Run the AWS-UpdateEKSManagedNodegroupVersion runbook.

  4. Scale the deployment back to the desired number of replicas by running the following command.

    
                        kubectl scale deployments/cluster-autoscaler --replicas=
                        number
                        -n kube-system

Run this Automation (console)

Document type

Automation

Owner

Amazon

Platforms

Linux, macOS, Windows

Parameters

  • AutomationAssumeRole

    Type: String

    Description: (Optional) The Amazon Resource Name (ARN) of the Amazon Identity and Access Management (IAM) role that allows Systems Manager Automation to perform the actions on your behalf. If no role is specified, Systems Manager Automation uses the permissions of the user that starts this runbook.

  • ClusterName

    Type: String

    Description: (Required) The name of the Amazon EKS cluster.

  • NodeGroupName

    Type: String

    Description: (Required) The name of the managed node group.

  • LaunchTemplateVersion

    Type: String

    Description: (Optional) The Amazon Elastic Compute Cloud (Amazon EC2) launch template version. This parameter is only valid if a node group was created from a launch template.

  • ForceUpgrade

    Type: Boolean

    Description: (Optional) If true, the update won't fail in response to a pod disruption budget violation.

Required IAM permissions

The AutomationAssumeRole parameter requires the following actions to successfully use the runbook.

  • eks:DescribeNodegroup

  • eks:UpdateNodegroupVersion

Document Steps

aws:executeScript - UpdateEKSManagedNodegroupVersion: Updates the AMI version used by a managed node group in an Amazon EKS cluster.