Stack update may fail with 'SubnetList attribute not found' due to stale CloudFormation cache

Overview

KohaSupport CloudFormation templates use a Custom Resource backed by a SubnetFinder Lambda function. This Lambda inspects the VPC at deploy time and returns the list of subnets to use for the Auto Scaling Group.

CloudFormation caches Custom Resource (Lambda) responses per stack. The SubnetFinder Lambda is invoked once at stack creation. On subsequent stack updates, if the resource properties have not changed, CloudFormation reuses the cached response from the original invocation rather than re-invoking the Lambda.

If the new template version uses different attribute names in the Lambda response (for example, SubnetList vs AllSubnetsToUse), the cached response does not contain the expected attribute name. The stack update fails with a missing attribute error. Multiple rollback cycles can occur if the update is retried without resolving the underlying cause.

Affected Versions

• Standard tier (x86_64 and arm64) AMI builds released before 2026-05-29
• Free tier AMI builds released before 2026-05-29

Symptoms

Stack update fails and rolls back. In the CloudFormation Events tab, the SubnetFinder custom resource will show a failure with a message similar to:

Vendor response doesn't contain SubnetList attribute

or

AllSubnetsToUse attribute not found in response

The stack status will show UPDATE_ROLLBACK_COMPLETE after the rollback completes.

How to Check if You Are Affected

1. Open the CloudFormation console and select your KohaSupport stack.
2. Click the Events tab.
3. Look for a CREATE_FAILED or UPDATE_FAILED event on the SubnetFinder resource (or similar name).
4. If the status reason contains SubnetList or AllSubnetsToUse attribute errors, your stack is affected.

Remediation

Option 1: Wait for Patched CFN Template (Recommended)

A patched CloudFormation template is being prepared for republication on AWS Marketplace. The fix adds a Version stamp to the SubnetFinder Custom Resource properties. This forces CloudFormation to treat the resource as changed on every stack update, ensuring the Lambda is re-invoked with fresh output rather than serving a stale cached response.

When the patched template is available, proceed with the upgrade using the standard upgrade procedure:

See How to Upgrade Koha to a New AMI Version.

Option 2: Contact Support for Immediate Assistance

If you need to upgrade immediately, contact KohaSupport support. We can provide a patched template or walk you through a workaround to force the SubnetFinder resource to refresh its cached output.

Contact: [email protected] or use the contact form.

Option 3: If You Have Already Retried the Update

Do NOT attempt to apply the stack update multiple times without guidance. Each failed update attempt may create a new Launch Template version. If you have already retried:

• Do not attempt further updates until you contact support.
• We will verify that the Launch Template default version is correctly set before your next update attempt.
• Attempting further updates with an incorrect Launch Template default version may cause the ASG to launch instances from the wrong AMI.

Timeline