feat: update cloudposse/eks-node-group/aws to 3.3.2 #minor

[public-glueops-renovatebot]

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/eks-node-group/aws (source)	module	minor	3.1.1 -> 3.3.2

---

Release Notes

cloudposse/terraform-aws-eks-node-group (cloudposse/eks-node-group/aws)

v3.3.2

Compare Source

Add AL2023_ARM_64_NVIDIA ami type @​ricky26j (#​216)

what

Add AL2023_ARM_64_NVIDIA ami type

why

• This will allow users to utilize this module for these AMIs, which were first released in April

🤖 Automatic Updates

Fix go version in tests @​osterman (#​215)

what

• Update go 1.24

why

• Error loading shared library libresolv.so.2 in Go 1.20

References

• https://sweetops.slack.com/archives/G014YEKDH4K/p1746672149263629
• https://github.com/golang/go/issues/59305#issuecomment-1488478737
• https://github.com/cloudposse/terraform-aws-cloudfront-s3-cdn/pull/294/#issuecomment-2859195553

chore(deps): bump golang.org/x/net from 0.23.0 to 0.33.0 in /test/src in the go_modules group @​[dependabot[bot]](https://redirect.github.com/apps/dependabot) (#​206)

Bumps the go_modules group in /test/src with 1 update: [golang.org/x/net](https://redirect.github.com/golang/net).

Updates golang.org/x/net from 0.23.0 to 0.33.0

Commits

• dfc720d go.mod: update golang.org/x dependencies
• 8e66b04 html: use strings.EqualFold instead of lowering ourselves
• b935f7b html: avoid endless loop on error token
• 9af49ef route: remove unused sizeof* consts
• 6705db9 quic: clean up crypto streams when dropping packet protection keys
• 4ef7588 quic: handle ACK frame in packet which drops number space
• 552d8ac Revert "route: change from syscall to x/sys/unix"
• 13a7c01 Revert "route: remove unused sizeof* consts on freebsd"
• 285e1cf go.mod: update golang.org/x dependencies
• d0a1049 route: remove unused sizeof* consts on freebsd
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

v3.3.1

Compare Source

feat: Add Bottlerocket FIPS image variants @​matt--williams (#​212)

what

• Add Bottlerocket FIPS image variants

why

• Allows users to deploy the FIPS variant, similar to the current NVIDIA variant.

references

• None

🤖 Automatic Updates

Replace Makefile with atmos.yaml @​osterman (#​211)

what

• Remove Makefile
• Add atmos.yaml

why

• Replace build-harness with atmos for readme genration

References

• DEV-3229 Migrate from build-harness to atmos

v3.3.0

Compare Source

🚀 Enhancements

Include new AMI types AL2023_x86_64_(NVIDIA|NEURON) @​m-wynn (#​202)

what

• Amazon has some new AMI types
  • AL2023_x86_64_NEURON
  • AL2023_x86_64_NVIDIA
• These follow the same SSM parameters
  • /aws/service/eks/optimized-ami/1.31/amazon-linux-2023/x86_64/neuron/amazon-eks-node-al2023-x86_64-neuron-1.31-v20250103/image_id
  • /aws/service/eks/optimized-ami/1.31/amazon-linux-2023/x86_64/nvidia/amazon-eks-node-al2023-x86_64-nvidia-1.31-v20250103/image_id
  • /aws/service/eks/optimized-ami/1.31/amazon-linux-2023/x86_64/neuron/recommended/image_id
  • /aws/service/eks/optimized-ami/1.31/amazon-linux-2023/x86_64/nvidia/recommended/image_id

why

We want to be able to deploy all types of AMIs into our cluster for GPU and ML purposes. These are the AL2023 equivalents of AL2_x86_64_GPU

references

https://github.com/awslabs/amazon-eks-ami/releases
https://aws.amazon.com/blogs/containers/amazon-eks-optimized-amazon-linux-2023-accelerated-amis-now-available/

🐛 Bug Fixes

Bugfixes @​Nuru (#​205)

what

• Fix use of var.kubernetes_version
• Configure Terraform to create new node group before destroying old one when switching var.create_before_destroy from false to true
• Revert code to be compatible with Terraform v1.3
• Update test dependencies
• Better tolerance of inputs from disabled EKS cluster module

why

• Incorrectly treated list as scalar
• Better user experience to implement create-before-destroy behavior when selecting that behavior
• Version spec says module is compatible with Terraform 1.3
• Keep current
• Reduce special handling needed by client modules when setting enabled=false

references

• Supersedes #​204
• Closes #​199
• Closes #​188
• Supersedes and closes #​201
• Supersedes and closes #​192

v3.2.0

Compare Source

feat: Add support for enabling node-repair on worker nodes @​ChrisMcKee (#​203)

what

Adds support for node-repair feature in EKS

why

Its taken AWS years to add basic features to kill off nodes when kubelet dies

references

• https://docs.aws.amazon.com/eks/latest/userguide/node-health.html
• https://aws.amazon.com/about-aws/whats-new/2024/12/node-health-monitoring-auto-repair-amazon-eks/

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[codiumai-pr-agent-free]

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
🟢	No security concerns identified No security vulnerabilities detected by AI analysis. Human verification advised for critical code.
Ticket Compliance
⚪	🎫 No ticket provided Create ticket/issue
Codebase Duplication Compliance
⚪	Codebase context is not defined Follow the guide to enable codebase context checks.
Custom Compliance
⚪	No custom compliance provided Follow the guide to enable custom compliance check.

Compliance status legend

🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

[codiumai-pr-agent-free]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
General	Use updated module variable name In node_pool.tf, replace the deprecated ec2_ssh_key_name variable with key_name to align with the updated module version 3.3.2. node_pool.tf [7] -ec2_ssh_key_name = each.value.ssh_key_pair_names +key_name = each.value.ssh_key_pair_names Apply / Chat Suggestion importance[1-10]: 9 __ Why: The suggestion correctly identifies a breaking change in the updated module version; the ec2_ssh_key_name variable was renamed to key_name, and this fix is required for the PR to be functional.	High
More