diff --git a/aws/resource_aws_eks_node_group_test.go b/aws/resource_aws_eks_node_group_test.go
index 28bfdf51a2b..42a1cc87816 100644
--- a/aws/resource_aws_eks_node_group_test.go
+++ b/aws/resource_aws_eks_node_group_test.go
@@ -271,6 +271,7 @@ func TestAccAWSEksNodeGroup_Labels(t *testing.T) {
 func TestAccAWSEksNodeGroup_ReleaseVersion(t *testing.T) {
 	var nodeGroup1 eks.Nodegroup
 	rName := acctest.RandomWithPrefix("tf-acc-test")
+	ssmParameterDataSourceName := "data.aws_ssm_parameter.test"
 	resourceName := "aws_eks_node_group.test"
 
 	resource.ParallelTest(t, resource.TestCase{
@@ -279,10 +280,10 @@ func TestAccAWSEksNodeGroup_ReleaseVersion(t *testing.T) {
 		CheckDestroy: testAccCheckAWSEksNodeGroupDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAWSEksNodeGroupConfigReleaseVersion(rName, "1.14.8-20191213"),
+				Config: testAccAWSEksNodeGroupConfigReleaseVersion(rName),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSEksNodeGroupExists(resourceName, &nodeGroup1),
-					resource.TestCheckResourceAttr(resourceName, "release_version", "1.14.8-20191213"),
+					resource.TestCheckResourceAttrPair(resourceName, "release_version", ssmParameterDataSourceName, "value"),
 				),
 			},
 			{
@@ -637,7 +638,7 @@ func testAccCheckAWSEksNodeGroupDisappears(nodeGroup *eks.Nodegroup) resource.Te
 	}
 }
 
-func testAccAWSEksNodeGroupConfigBase(rName string) string {
+func testAccAWSEksNodeGroupConfigBaseIamAndVpc(rName string) string {
 	return fmt.Sprintf(`
 data "aws_availability_zones" "available" {
   state = "available"
@@ -759,16 +760,23 @@ resource "aws_security_group" "test" {
 resource "aws_subnet" "test" {
   count = 2
 
-  availability_zone = data.aws_availability_zones.available.names[count.index]
-  cidr_block        = cidrsubnet(aws_vpc.test.cidr_block, 8, count.index)
-  vpc_id            = aws_vpc.test.id
+  availability_zone       = data.aws_availability_zones.available.names[count.index]
+  cidr_block              = cidrsubnet(aws_vpc.test.cidr_block, 8, count.index)
+  map_public_ip_on_launch = true
+  vpc_id                  = aws_vpc.test.id
 
   tags = {
     Name                          = "tf-acc-test-eks-node-group"
     "kubernetes.io/cluster/%[1]s" = "shared"
   }
 }
+`, rName)
+}
 
+func testAccAWSEksNodeGroupConfigBase(rName string) string {
+	return composeConfig(
+		testAccAWSEksNodeGroupConfigBaseIamAndVpc(rName),
+		fmt.Sprintf(`
 resource "aws_eks_cluster" "test" {
   name     = %[1]q
   role_arn = aws_iam_role.cluster.arn
@@ -783,7 +791,29 @@ resource "aws_eks_cluster" "test" {
     "aws_main_route_table_association.test",
   ]
 }
-`, rName)
+`, rName))
+}
+
+func testAccAWSEksNodeGroupConfigBaseVersion(rName string, version string) string {
+	return composeConfig(
+		testAccAWSEksNodeGroupConfigBaseIamAndVpc(rName),
+		fmt.Sprintf(`
+resource "aws_eks_cluster" "test" {
+  name     = %[1]q
+  role_arn = aws_iam_role.cluster.arn
+  version  = %[2]q
+
+  vpc_config {
+    subnet_ids = aws_subnet.test[*].id
+  }
+
+  depends_on = [
+    "aws_iam_role_policy_attachment.cluster-AmazonEKSClusterPolicy",
+    "aws_iam_role_policy_attachment.cluster-AmazonEKSServicePolicy",
+    "aws_main_route_table_association.test",
+  ]
+}
+`, rName, version))
 }
 
 func testAccAWSEksNodeGroupConfigNodeGroupName(rName string) string {
@@ -936,13 +966,17 @@ resource "aws_eks_node_group" "test" {
 `, rName, labelKey1, labelValue1, labelKey2, labelValue2)
 }
 
-func testAccAWSEksNodeGroupConfigReleaseVersion(rName, releaseVersion string) string {
+func testAccAWSEksNodeGroupConfigReleaseVersion(rName string) string {
 	return testAccAWSEksNodeGroupConfigBase(rName) + fmt.Sprintf(`
+data "aws_ssm_parameter" "test" {
+  name = "/aws/service/eks/optimized-ami/${aws_eks_cluster.test.version}/amazon-linux-2/recommended/release_version"
+}
+
 resource "aws_eks_node_group" "test" {
   cluster_name    = aws_eks_cluster.test.name
   node_group_name = %[1]q
   node_role_arn   = aws_iam_role.node.arn
-  release_version = %[2]q
+  release_version = data.aws_ssm_parameter.test.value
   subnet_ids      = aws_subnet.test[*].id
 
   scaling_config {
@@ -957,7 +991,7 @@ resource "aws_eks_node_group" "test" {
     "aws_iam_role_policy_attachment.node-AmazonEC2ContainerRegistryReadOnly",
   ]
 }
-`, rName, releaseVersion)
+`, rName)
 }
 
 func testAccAWSEksNodeGroupConfigRemoteAccessEc2SshKey(rName string) string {
@@ -1104,13 +1138,13 @@ resource "aws_eks_node_group" "test" {
 }
 
 func testAccAWSEksNodeGroupConfigVersion(rName, version string) string {
-	return testAccAWSEksNodeGroupConfigBase(rName) + fmt.Sprintf(`
+	return testAccAWSEksNodeGroupConfigBaseVersion(rName, version) + fmt.Sprintf(`
 resource "aws_eks_node_group" "test" {
   cluster_name    = aws_eks_cluster.test.name
   node_group_name = %[1]q
   node_role_arn   = aws_iam_role.node.arn
   subnet_ids      = aws_subnet.test[*].id
-  version         = %[2]q
+  version         = aws_eks_cluster.test.version
 
   scaling_config {
     desired_size = 1
@@ -1124,5 +1158,5 @@ resource "aws_eks_node_group" "test" {
     "aws_iam_role_policy_attachment.node-AmazonEC2ContainerRegistryReadOnly",
   ]
 }
-`, rName, version)
+`, rName)
 }
diff --git a/examples/eks-getting-started/vpc.tf b/examples/eks-getting-started/vpc.tf
index 99d9d7921df..4bd3507953d 100644
--- a/examples/eks-getting-started/vpc.tf
+++ b/examples/eks-getting-started/vpc.tf
@@ -18,9 +18,10 @@ resource "aws_vpc" "demo" {
 resource "aws_subnet" "demo" {
   count = 2
 
-  availability_zone = data.aws_availability_zones.available.names[count.index]
-  cidr_block        = "10.0.${count.index}.0/24"
-  vpc_id            = aws_vpc.demo.id
+  availability_zone       = data.aws_availability_zones.available.names[count.index]
+  cidr_block              = "10.0.${count.index}.0/24"
+  map_public_ip_on_launch = true
+  vpc_id                  = aws_vpc.demo.id
 
   tags = map(
     "Name", "terraform-eks-demo-node",