Help improve this page
Want to contribute to this user guide? Scroll to the bottom of this page and select Edit this page on GitHub. Your contributions will help make our user guide better for everyone.
Amazon VPC CNI plugin for Kubernetes
The Amazon VPC CNI plugin for Kubernetes Amazon EKS add-on is a Kubernetes container network interface (CNI) plugin
that provides native VPC networking for your cluster. The self-managed or managed type of
this add-on is installed on each Amazon EC2 node, by default. For more information, see Kubernetes container network interface (CNI) plugin
The Amazon EKS add-on name is vpc-cni
.
Required IAM permissions
This add-on uses the IAM roles for
service accounts capability of Amazon EKS. If your cluster uses
the IPv4
family, the permissions in the AmazonEKS_CNI_Policy are required. If your cluster uses the
IPv6
family, you must create an
IAM policy with the permissions in IPv6 mode
Replace
with the
name of your cluster and
my-cluster
with
the name for your role. If your cluster uses the AmazonEKSVPCCNIRole
IPv6
family, then replace
with the name of the policy that you created. This command requires that
you have AmazonEKS_CNI_Policy
eksctl
eksctl create iamserviceaccount --name aws-node --namespace kube-system --cluster
my-cluster
--role-nameAmazonEKSVPCCNIRole
\ --role-only --attach-policy-arn arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy
--approve
Update information
You can
only update one minor version at a time. For example, if your current
version is
1.28.
and you want to update to
x
-eksbuild.y
1.30.
,
then you must update your current version to
x
-eksbuild.y
1.29.
and then update it again to
x
-eksbuild.y
1.30.
.
For more information about updating the add-on, see Updating the Amazon EKS add-on.x
-eksbuild.y