Summary
Upgrade the default AWS Load Balancer Controller (aws-load-balancer-controller) from Helm chart 1.6.0 (app v2.6.0) to chart v3.2.2 (app v3.2.2+).
Why this is needed
Chart 1.6.0 corresponds to AWS LBC app version v2.6.0, released August 2023. This version has no validation against Kubernetes 1.36 (released April 2026). AWS only actively tests and supports recent controller versions against new EKS releases. Running a ~3-year-old controller on a new cluster version is an operational risk.
Additionally, the v3.x line introduced improvements including updated Gateway API support (1.3 → 1.5) and corrected VPC tag filtering semantics.
This upgrade is a prerequisite for the planned Kubernetes 1.36 upgrade on EKS clusters.
Relevant links:
Backward compatibility
AWS LBC v3.2.2 requires Kubernetes 1.22+. It can be deployed in place on clusters currently running K8s 1.31 through 1.35 — this upgrade can be performed independently of and prior to the Kubernetes 1.36 upgrade.
Breaking changes in the upgrade (v2 → v3)
- Helm chart versioning — In v3.x, the Helm chart version aligns with the app version (previously chart v1.x = app v2.x). This changes how version pinning is expressed.
- VPC tag filtering — The
--aws-vpc-tags flag now requires ALL specified tags to match (previously allowed partial matches). Review any VPC tag configurations.
- Gateway API version — Gateway API bumped from 1.3 to 1.5;
TLSRoute promoted from alpha to v1. Affects any NLB Gateway configurations.
Acceptance criteria
Summary
Upgrade the default AWS Load Balancer Controller (aws-load-balancer-controller) from Helm chart
1.6.0(app v2.6.0) to chartv3.2.2(app v3.2.2+).Why this is needed
Chart 1.6.0 corresponds to AWS LBC app version v2.6.0, released August 2023. This version has no validation against Kubernetes 1.36 (released April 2026). AWS only actively tests and supports recent controller versions against new EKS releases. Running a ~3-year-old controller on a new cluster version is an operational risk.
Additionally, the v3.x line introduced improvements including updated Gateway API support (1.3 → 1.5) and corrected VPC tag filtering semantics.
This upgrade is a prerequisite for the planned Kubernetes 1.36 upgrade on EKS clusters.
Relevant links:
Backward compatibility
AWS LBC v3.2.2 requires Kubernetes 1.22+. It can be deployed in place on clusters currently running K8s 1.31 through 1.35 — this upgrade can be performed independently of and prior to the Kubernetes 1.36 upgrade.
Breaking changes in the upgrade (v2 → v3)
--aws-vpc-tagsflag now requires ALL specified tags to match (previously allowed partial matches). Review any VPC tag configurations.TLSRoutepromoted from alpha to v1. Affects any NLB Gateway configurations.Acceptance criteria
v3.2.2(or latest v3.x) inworkload.go