Cannot upgrade EKS



I have a EKS cluster with version 1.16 and try to update to 1.17 but failed with the following error due to missing default security group (deleted)

2021-11-13 09:19:19 [ℹ] will upgrade cluster "xxx" control plane from current version "1.16" to "1.17" Error: InvalidRequestException: The security group 'sg-0fdxxx' does not exist (Service: AmazonEC2; Status Code: 400; Error Code: InvalidGroup.NotFound; Request ID: xxx-xxx-xxx-xxx-xxx; Proxy: null)

There seems to be no other way to update it so I wait for the force updating from AWS when it comes to the end of support date. However, nothing has happened. So I would like to ask is there anyway to restore the old security group or remove the default one in the current cluster to allow updating or not


asked 2 years ago176 views
2 Answers

If this was the control plane security group, I don't believe you can modify this and you won't be able to re-create the security group ID. Your best option at this point is to rebuild the cluster. Please also see:

profile pictureAWS
answered 2 years ago

Yes, I saw that issue long time ago. However, my cluster here is production one and it will take more effort to rebuild and migrate all the things there. I'm also wondering why the force update does not happen. At least, I can try to schedule downtime for this

answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions