[EC2] unable to enable InstanceMetadataTags because of defaultResourceTags

[mooseracerPT]

Describe the bug When trying to set Instance.spec.metadataOptions.instanceMetadataTags="enabled" the EC2 API will throw an exception because the defaultResourceTags that get automatically added to the Instance fail the API's regex check.

Steps to reproduce

1. Tag any EC2 instance with one of the defaultResourceTags: services.k8s.aws/controller-version=ec2-v1.0.1 or services.k8s.aws/namespace=myNamespace
2. Try to enable instance metadata: aws ec2 modify-instance-metadata-options --instance-id i-0773be38e88b12345 --instance-metadata-tags enabled

The EC2 API will throw an error.

An error occurred (InvalidParameterValue) when calling the ModifyInstanceMetadataOptions operation: 'services.k8s.aws/namespace' is not a valid tag key. Tag keys must match pattern ([0-9a-zA-Z\-_+=,.@:]{1,255}), and must not be a reserved name ('.', '..', '_index')

The same error will show up in the controller logs if you tried to enable it via Instance.spec.metadataOptions.instanceMetadataTags.

2023-04-27T23:48:04.105Z ERROR controller.instance Reconciler error {"reconciler group": "ec2.services.k8s.aws", "reconciler kind": "Instance", "name": "qa951-instance", "namespace": "qa951", "error": "InvalidParameterValue: 'services.k8s.aws/controller-version' is not a valid tag key. One or more of the instances on the request is enabled for Instance Metadata Tags option which can only use letters (a-z, A-Z), numbers (0-9), and the following characters: '+ - = . , _ : @'. Instance tag keys can't contain spaces or '/', and can't comprise only '.' (one period), '..' (two periods), or '_index'\n\tstatus code: 400, request id: f07cd699-6abc-4e28-a4fc-35cd66be40d4"}

Expected outcome The EC2 API should report something like

{
    "InstanceId": "i-0773be38e88b12345",
    "InstanceMetadataOptions": {
        "State": "pending",
        "HttpTokens": "optional",
        "HttpPutResponseHopLimit": 1,
        "HttpEndpoint": "enabled",
        "HttpProtocolIpv6": "disabled",
        "InstanceMetadataTags": "enabled"
    }
}

Environment

• Kubernetes version 1.25
• Using EKS (yes/no), if so version? yes, eks.1
• AWS service targeted (S3, RDS, etc.) EC2

[a-hilaly]

cc @LikithaVemulapalli

[LikithaVemulapalli]

Hello @mooseracerPT , apologies for the late response, currently we do not support any modify operations for instance resource, from the initial error, I can see that it triggered ModifyInstanceMetadataOptions, I'm not getting any errors upon creating an instance with Instance.spec.metadataOptions.instanceMetadataTags enabled, can you please share the yaml file that you used to create the resource. If you had created a resource with default tags and then modified that resource then you will get errors as there is no functionality implemented to handle such scenarios.

[ack-bot]

Issues go stale after 180d of inactivity. Mark the issue as fresh with /remove-lifecycle stale. Stale issues rot after an additional 60d of inactivity and eventually close. If this issue is safe to close now please do so with /close. Provide feedback via https://github.com/aws-controllers-k8s/community. /lifecycle stale

[ack-bot]

Stale issues rot after 60d of inactivity. Mark the issue as fresh with /remove-lifecycle rotten. Rotten issues close after an additional 60d of inactivity. If this issue is safe to close now please do so with /close. Provide feedback via https://github.com/aws-controllers-k8s/community. /lifecycle rotten

[ack-bot]

Issues go stale after 180d of inactivity. Mark the issue as fresh with /remove-lifecycle stale. Stale issues rot after an additional 60d of inactivity and eventually close. If this issue is safe to close now please do so with /close. Provide feedback via https://github.com/aws-controllers-k8s/community. /lifecycle stale